One of the important security features in any OS is the files and directory permission. It is the basic security measure which ensures and restrict the authenticity and privileges of users in a system. Setting file permission reduces the vulnerability that exists when a local access to the system is granted and decides the degree to which an individual’s actions are restricted. Incorrect permission can cause errors like 403 forbidden, access denied or any others.
For 403 errors, you can check other cause from our knowledgebase using the below link.
https://my.aspirationhosting.com/index.php?rp=/knowledgebase/1461/403-Error-Forbidden.html
Each file or directory has three user based permissions (owner, group and others) and three basic permission types (read, write and execute).
To reset the permissions, first, you need to access the server by SSH.
user@local:~$ ssh <cpanel_username>@<server_host_name> -p 3879
username@server_host_name’s password: <your_cpanel_password>
username@server_host_name:~$
You will be in the home directory and need to move to your document root. The document root is the folder where the website files for a domain are stored. For your primary domain, it will be the public_html directory and for addon and subdomains, you can find it from cPanel > Addon Domains/Subdomains.
username@server_host_name:~$ cd public_html
Now you need to enter the below commands to reset the permission.
username@server_host_name:~$ find . -type f -exec chmod 644 {} \;
This is the recommended file permission, the user with permissions to read and write, group and others with read-only permission.
username@server_host_name:~$ find . -type d -exec chmod 755 {} \;
This is the recommended directory permission, user with permission read, write and execute, group and others with and execute permission. Execute permission is required to enter into the directory.
username@server_host_name:~$ find ./var -type d -exec chmod 777 {} \;
username@server_host_name:~$ find ./pub/media -type d -exec chmod 777 {} \;
username@server_host_name:~$ find ./pub/static -type d -exec chmod 777 {} \;
username@server_host_name:~$ chmod 777 ./app/etc
username@server_host_name:~$chmod 644 ./app/etc/*.xml
The server and the user is allowed to read and write from the var and media folders. Var directory is used to write cache, session data, log reports, etc and media is used to upload category or product images. Static contents are stored in the static directory. App directory contains the local.xml/env.php file which is read during the domain requests. So these folders and files should have read and write permission.