Basic, Free
Core Files & Permissions scanning for 1 site, surfacing world-writable and overly permissive files out of the box.
Files & Permissions walks your WordPress install, flags world-writable and overly permissive files like 777, and resets them to safe defaults. Catch risky uploads and lock down the files attackers love to abuse, from one screen.
Files & Permissions is a WP Tailwatch feature that scans WordPress file and folder permissions, flags world-writable or overly permissive files such as 777, and fixes them back to safe defaults. It catches risky uploads and complements integrity checks, closing a common misconfiguration attackers exploit.
A single world-writable file can be the door an attacker walks through. Files & Permissions scans every file and folder, shows you what's too open, and resets it to safe defaults, no SSH session or chmod commands required.
Point Files & Permissions at your site and it reads every permission, flags what is too open, and resets it to safe defaults. No manual auditing and no command line.
Files & Permissions reads every file and folder permission across your WordPress install, from wp-config.php to your uploads directory.
Anything looser than the safe baseline, world-writable files, 777 folders, exposed configs, is listed clearly so you can see exactly where the risk is.
Apply the recommended permissions individually or in bulk. Files drop back to 644 and folders to 755, with sensitive files locked down tighter.
Insecure file permissions are a textbook security misconfiguration, one of the most common web application risks, ranked in the OWASP Top Ten, and on WordPress they show up constantly as world-writable files and 777 folders. Source: OWASP Top Ten. When any process can write to your files, a single compromise lets an attacker plant malware site-wide.
Files & Permissions takes that risk off the table. Instead of memorizing chmod values or auditing directories by hand, you get a scan that flags every overly permissive file and fixes it to safe defaults in a click. That's the WP Tailwatch approach: server-grade hygiene made simple, repeatable across every site you run.
Start scanning your permissions for free, scale up across every site you manage.
Core Files & Permissions scanning for 1 site, surfacing world-writable and overly permissive files out of the box.
One-click and bulk permission fixes, detailed scan reports, and re-scans for 1-20 sites, paired with the full WP Tailwatch security suite.
Consistent permission hygiene across 21-1,000 sites with tiered volume pricing and one dashboard for your whole portfolio.
Files & Permissions pairs with the rest of WP Tailwatch, replacing 50+ separate plugins with one platform.
Straight answers on how permission scanning, safe defaults, and one-click fixes work across the free and paid plans.
Files & Permissions scans your WordPress files and folders for insecure permission settings. It flags world-writable and overly permissive files, like 777, that attackers can abuse, then fixes them back to safe recommended defaults from one screen.
Overly permissive files let any process on the server write to them, so an attacker who gains a foothold can plant malware or edit your code. Permissions are a classic security misconfiguration, which is why scanning and tightening them closes a common attack path.
As a general rule, files should be 644 and folders 755, with wp-config.php locked down tighter. Files & Permissions checks your install against these safe defaults, flags anything looser like 777, and can reset it to the recommended values automatically.
A 777 permission makes a file or folder readable, writable, and executable by everyone on the server. It is a frequent cause of compromise because any other account or process can overwrite your files. Files & Permissions flags 777 and resets it to a safe value.
Yes. Files & Permissions is fully available now as part of WP Tailwatch, there is no waitlist or beta. Core permission scanning is included on the free Basic plan, with full scan-and-fix controls on the Business and Agency plans.
A standalone permissions plugin only checks one site. Files & Permissions scans and fixes every site you manage from one place and is one of 50+ tools in WP Tailwatch, so you replace a single-purpose plugin and dozens of others with one platform.
Yes. Upload directories are a common weak spot because they need to be writable. Files & Permissions flags overly permissive upload folders and unexpected writable files there, helping you catch risky uploads before they become an entry point.
Files & Permissions secures who can change files, while WP Tailwatch's File Integrity Watch detects when files actually change. Together they cover both sides, tightening permissions to prevent tampering and alerting you the moment something is modified.
Yes. From the WP Tailwatch mobile app and cloud dashboard you can scan and fix file permissions for every site you own in one place, which is ideal for agencies keeping many WordPress installs locked to safe defaults.
Scan every file, catch world-writable and 777 permissions, and reset them to safe defaults in a click. Start free today.