Wordpress folder permissions [malware]

Placebo

Hey Guys,
while back some of our sites got flagged by google with malware,
while digiweb did have some trouble with losing ftp passwords, i wondered if it was the folder permissions for wordpress image upload.

Cant seem to make much sense of the articles out there,
can people tell me what a safe setting would be ?

If the upload dir is set to 777, does that mean anyone can write to the dir? [public wite?]

thanks

edanto

I'm trying to figure out the same thing.

The wordpress codex on permissions looks like it's explaining things, but even though I understand what the permissions do, I'm still not sure what the correct settings are.

http://codex.wordpress.org/Changing_File_Permissions

It says that each host will have a different set of file permissions settings. I've contacted Digiweb to ask them.


In the meantime - and to help other people searching for this in the future - does anyone here know what the optimum file permissions settings are for Wordpress on Digiweb?

nilhg

My understanding is the the general rule is that all folders should be 755 and files should be 644, it's probably a good place to start anyway, you could deal with any problems as they arise on a case by case basis afterwards.