jypi
  • Explore
ChatWays to LearnMind mapAbout

jypi

  • About Us
  • Our Mission
  • Team
  • Careers

Resources

  • Ways to Learn
  • Mind map
  • Blog
  • Help Center
  • Community Guidelines
  • Contributor Guide

Legal

  • Terms of Service
  • Privacy Policy
  • Cookie Policy
  • Content Policy

Connect

  • Twitter
  • Discord
  • Instagram
  • Contact Us
jypi

© 2026 jypi. All rights reserved.

Cpanel file permission
Chapters

1Permission Fundamentals in cPanel Hosting

The UNIX permission model (r/w/x)Ownership: user, group, and the web serverNumeric and symbolic modes (644, 755, u+rx)Files vs directories: execute bit semanticsDocument Permission folder

2Tools and Workflows for Setting Permissions

3Security Hardening and Compliance

4Diagnostics, Errors, and Advanced Use Cases

Courses/Cpanel file permission/Permission Fundamentals in cPanel Hosting

Permission Fundamentals in cPanel Hosting

16 views

Grasp the UNIX permission model, ownership, and mode notation as they apply to files and directories within cPanel’s shared hosting environment.

Content

5 of 5

Document Permission folder

1
5 views

Versions:

1

Watch & Learn

AI-discovered learning video

YouTube

Start learning for free

Sign up to save progress, unlock study materials, and track your learning.

  • Bookmark content and pick up later
  • AI-generated study materials
  • Flashcards, timelines, and more
  • Progress tracking and certificates

Free to join · No credit card required

Got it — this is a live cPanel production concern, not something to touch on the local XAMPP server. Here's the situation with the setup you described (separate FTP user scoped to naac_documents):

The catch: cPanel's "additional FTP accounts" (the kind scoped to one folder) are not separate OS users — they're virtual FTP logins that write files under the same underlying Unix account as your main cPanel user. And on most modern cPanel hosts (CloudLinux/suPHP/PHP-FPM-per-account), PHP scripts on that same account also run as that same Unix user. If that's your setup, chmod 0555 blocks writes for both — your scoped FTP user included — because the owner bit itself loses write, and only root can bypass that.

How to find out which situation you're in, and what to actually set:

  1. Check your PHP handler in cPanel → MultiPHP Manager (or "Select PHP Version"). Look at what handler is listed:

    • suPHP / FPM / LSAPI (CloudLinux) → PHP runs as your account owner, same as your FTP logins. This is the common case.
    • DSO (older, less common now) → PHP runs as a shared user (nobody/apache), separate from your account.
  2. If suPHP/FPM/LSAPI (PHP = same user as FTP): permission bits can't separate "your FTP upload" from "a PHP script's write" — they're indistinguishable to Linux. Real protection has to happen at the application layer instead:

    • chmod 755 on naac_documents (not 555) — this at least blocks other cPanel accounts on the same shared server from writing into it if it was previously loose (e.g. 777), which is the realistic external threat on shared hosting.
    • Add a .htaccess in naac_documents that blocks script execution (php_flag engine off + block anything that isn't your allowed file type) — same pattern I used for appraisal_files/ — so even if something does get written there, it can't run as a webshell.
    • If there's an actual upload form feeding that folder, that form needs auth + file-type validation; permissions alone won't fix a vulnerable upload script.
  3. If DSO (PHP = nobody/apache, different from your FTP user): then chmod 755 with the folder owned by your FTP account works exactly as you want — owner (you, via FTP) = rwx, everyone else including PHP-as-nobody = r-x, no write.

Want me to check locally whether there's a copy of that naac_documents upload script/page anywhere in your codebase (so I can see if it's actually validating uploads), or is this folder purely static documents with no upload form behind it?

Flashcards
Mind Map
Speed Challenge

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!

Ready to practice?

Sign up now to study with flashcards, practice questions, and more — and track your progress on this topic.

Study with flashcards, timelines, and more
Earn certificates for completed courses
Bookmark content for later reference
Track your progress across all topics