- All files should be owned by the actual user’s account, not the user account used for the httpd process.
- Group ownership is irrelevant unless there are specific group requirements for the web-server process permissions checking. This is not usually the case.
- All directories should be 755 or 750.
- All files should be 644 or 640. Exception: wp-config.php should be 440 or 400 to prevent other users on the server from reading it.
- No directories should ever be given 777, even upload directories. Since the PHP process is running as the owner of the files, it gets the owners permissions and – – can write to even a 755 directory.
You can use
chown www-data:www-data -R *
find . -type d -exec chmod 755 {} \;
find . -type f -exec chmod 644 {} \;