How to set directory and files permissions for a Joomla site in a production environment

When you have a project created on Joomla CMS, you will need to protect your directories and files in order to avoid a possible attack or loosing information. During my time as a web developer and as a server admin in Government I learnt about what’s is a good configuration for setting permissions, for this reason I would like to share a list of commands that you can use in your own server. This set of commands apply to a GNU/Linux or UNIX-like operating systems, obviously I don’t recommend use IIS from Microsoft (I am sorry Microsoft, but PHP + IIS is NOT a good option).

terminal

In a nutshell, you can use these commands:

find /YOUR_SERVER_PATH/YOUR_ROOT_JOOMLA_DIRECTORY -type f -print0 | xargs -0 chmod 644
find /YOUR_SERVER_PATH/YOUR_ROOT_JOOMLA_DIRECTORY -type d -print0 | xargs -0 chmod 755
chmod -R g+w /YOUR_SERVER_PATH/YOUR_ROOT_JOOMLA_DIRECTORY/images
chmod -R g+w /YOUR_SERVER_PATH/YOUR_ROOT_JOOMLA_DIRECTORY/cache
chmod -R g+w /YOUR_SERVER_PATH/YOUR_ROOT_JOOMLA_DIRECTORY/tmp

For example, if my SERVER_PATH is something like this: /var/www/ and my ROOT_JOOMLA_DIRECTORY is digital-newspaper, then we can use this commands:

# This line sets all files inside of digital-newspaper to "644" permissions
find /var/www/digital-newspaper -type f -print0 | xargs -0 chmod 644

# Setting all directories to "755"
find /var/www/digital-newspaper -type d -print0 | xargs -0 chmod 755

# Special group permissions are necessary in images, cache and tmp directories
chmod -R g+w /var/www/digital-newspaper/images
chmod -R g+w /var/www/digital-newspaper/cache
chmod -R g+w /var/www/digital-newspaper/tmp

So, that’s it!

Be happy with your servers!

Alex Arriaga

2 comments on “How to set directory and files permissions for a Joomla site in a production environment”

Leave a Reply to Tonatiuh Tecuan

Your email address will not be published. Required fields are marked *