Aug 142014
 

All In One WP Security And Firewall Filesystem Security helps you setup the file permission for each folder and files in your website and more.

Last Updated: September 5, 2019

Latest News: I updated the documentation.

AIOWPS plugin helps you keep your files and folders permissions levels at the recommended minimum protection set out by WordPress.

Note: You can read more about this in the following link changing-file-permissions.

Your WP installation already comes with reasonably secure file permission settings for the filesystem. 
However, sometimes people or other plugins modify the various permission settings of certain core WP folders or files such that they end up making their site less secure because they chose the wrong permission values. 
This feature will scan the critical WP core folders and files and will highlight any permission settings which are insecure.

All In One WP Security And Firewall Filesystem Security

Step 1 ) Go to WP Security -> Filesystem Security admin tab as illustrated in the image below.

aiowps-filesystem-security-admin-menu

Filesystem Security

Step 2 ) The following image Filesystem Security allows you to set up the following security settings.

Filesystem Security Settings

  • File Permissions
  • PHP File Editing
  • WP File Access
  • Host System Logs

all-in-one-wp-security-and-filewarll-file-system-security

File Permissions

Step 3 ) Go to WP Security -> Filesystem Security -> File Permissions to check and make sure your file system permission are set up correctly. This is an action you should take the moment you install WordPress.

This will add another 20 points score towards your security meter. (Basic Security Level)

Step 3-a ) The image below shows you the Name and File/Folder path of your current WordPress install.

all-in-one-wp-security-file-permission-name

Step 3-b ) The image below shows you the Current Permissions and the Recommended Permission. Click on Set Recommended Permissions button if your permissions settings are incorrect.  all-in-one-wp-security-file-permission-recommended

Step 3-c ) The following list shows you the recommended files permissions by this plugin for your site. All permissions that have a green color means the minimum file permissions have been added as recommended by AIOWPS.

Note: Some of you might want to add a higher level of restrictions to your files. This is entirely up to you.

AIOWPS Recommended File Permissions

  • root directory = 0755
  • wp-includes/ = 0755
  • .htaccess = 0644
  • wp-admin/index.php = 0644
  • wp-admin/js/ = 0755
  • wp-content/themes/ = 0755
  • wp-content/plugins/ = 0755
  • wp-admin/ = 0755
  • wp-content/ = 0755
  • wp-config.php = 0640

Step 3-d ) The following message is displayed if your website is hosted in a Windows server. This stops you from having to adjust the folder file permissions as illustrated above when running your site in a windows server.

all-in-one-wp-security-file-permission-windows-server-detected

PHP File Editing

Step 4 ) Go to WP Security -> Filesystem Security -> PHP File Editing to set up the following option. See image below.

  • Disable PHP File Editing. Many times you will enable this options especially if you have a members website and you don’t want anyone to edit PHP files.
  • Click on Save Setting button once you finish.

This will add another 10 points score towards your security meter. (Basic Security Level)

all-in-one wp-security-disable-php-new

WP File Access

Step 5 ) Go to WP Security -> Filesystem Security -> WP File Access to set up the following option. See image below.

  • Prevent Access to WP Default Install Files. The following will allow you to stop access to Default WP Files on your website.
  • Click on Save Setting button once you finish.

This will add another 10 points score towards your security meter. (Basic Security Level)

all-in-one-wp-security-wp-files-new

Host System Logs

Step 6 ) Go to WP Security -> Filesystem Security -> Host System Logs to view your system log file.

  • Enter System Log File Name
  • Click on View Latest System Logs button to view the latest log file.

Important: The Host System Logs was added in version 3.1

all-in-one-wp-security-host-system-logs-new

If you have any questions please let me know

Enjoy.

All In One WP Security & Firewall Plugin Tutorial List

Manuel Ballesta Ruiz is a web developer, Blogger and WordPress Enthusiast.

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)