Community Documentation

v3 Knowledgebase

Most common secure file permissions

In case you want to secure your site files, the following set of permissions is the most common secure option available:

1. file/ (set to 555 only this folder. The content of this folder must be 777 for folders, and 666 for files)
2. include/ (directories can be set to 555, and files to 444).
3. module/ (directories can be set to 555, files to 444).
4. static/ (directories can be set to 555, files to 444).
5. theme/ (directories can be set to 555, files to 444).

Some servers do not allow 777 (folders) or 666 (files), as it could give too much permissions, so, the servers return a 500 internal server error message. If this is your case, use 755 (folders) or 644 (files) instead.

For more information about the file permissions, please visit the following article:


An additional recommendation is to consult with your hosting company about the most secure file permissions, because, in some cases, the configuration of the server requires another set of permissions.