All files and directories on your webserver have permissions which determine who can read, write, modify and access them. Files and directories should not have more permissions than they require; as unnecessarily elevated permissions might leave your site vulnerable to attack. Configuring appropriate permissions significantly reduces the risk of unauthorized access to your WordPress files and folders.
Really Simple SSL Pro (since version 8.2.0) introduces the File Permission Detection feature, available under Settings -> SSL & Security -> “Settings” (top menu bar) -> Hardening -> Advanced -> “File Permissions Check”.Â
When enabled, the plugin will perform a weekly scan to detect any files and folders with insecure/non-recommended permissions. If any insecure permissions are detected you will be notified by e-mail (if you’ve verified your e-mail address), and the following notice will be displayed in the Really Simple SSL Dashboard:
Simply click the Fix button, and the plugin will try correcting the permissions of these items automatically. A notice will appear in the bottom right corner to indicate whether the corrections have been applied successfully.
If the plugin was unable to automatically correct the permissions of certain items on your environment, click the Download text in the Dashboard notice instead. This will export a list of all detected items with insecure permissions, and where they are located; allowing you (or your hosting provider) to adjust their permissions manually.
