We will introduce the strongest file write permissions (permissions) to prevent malware infection in cases such as repeated malware infections in WordPress.
What are permissions?
Permissions are the permissions to write and read files and folders.
Write permissions are divided into three categories.
Owner → the permissions of the user who created the file (or the user who was granted ownership of the file)
Group → Authority of a group of users on the server that includes the file’s creator.
Other → Authorizations other than those listed above.
These permissions are called permissions and can be set in FTP software such as FileZilla.
Permissions are handled internally with numerical values such as 555, 755, etc. In the example shown in the figure below, you can see that the number is 555 as a result of the check of write permissions, etc., which is displayed clearly by the FTP software.
If write access is disabled, malware will not be able to tamper with the file.
If all permissions are unchecked in the write section of the above figure, malware and even hackers, including the owner, will not be able to modify files and folders.
In other words, it cannot be tampered with. This is why the strongest permission is to disable write permission on all WordPress files and folders.
However, you must make the wp-content/upload folder writable because WordPress uploads images and other files to this folder.
Disadvantages of setting non-writable permissions
However, if you make the permissions of files and folders un-writable, WordPress will not be able to update the files, and you will not be able to update WordPress itself, plug-ins, etc. via the administration screen.
For this reason, we recommend that you take this measure to strongly prevent re-infection in the event of repeated hacker attacks or if hacker attacks become more intense after malware removal.
Also, some servers make file permissions writable without permission, and in such cases, permission-related measures cannot be taken.
To complicate matters further, some advanced malware may alter the permissions themselves to perform tampering. In the case of such malware, permission changes cannot prevent tampering. However, some servers have made it impossible to change permissions (change to loose permissions) via programs (e.g. Sakura server, X server, etc.). (e.g. Sakura Server, Xserver) This is effective against malware that changes permissions itself.
The fundamental solution is to remove the backdoor and take the proper security measures.
Even if changing permissions makes it harder to be reinfected with malware, it is still a coping mechanism.
Once a site is infected, the fundamental solution is to remove the malware and take the correct security measures.
Please consider using a malware scanner and security plug-ins.
Free] WordPress:Malware Scan & Security Plugin [Malware and Virus Detection and Removal].
You will also need to take basic WordPress security measures to squash any vulnerabilities that may have allowed hackers to enter your site.
Five free WordPress security measures
For malware removal, we also recommend that you consult an experienced professional.