Difference between Chmod and Chown?

Cheerag Nundlall

Well-known member
Registered
Joined
Oct 12, 2016
Messages
333
Points
18
Can you guys tell me what is the difference between Chmod and Chown? I am learning Linux and see these commands, its a bit hard to understand for me :)
 

Efe Agbontaen

Member
Registered
Joined
Sep 4, 2020
Messages
49
Points
6
chmod is used to modify the permissions of a file or folder. Syntax is like chmod 664 filename. This will give Read&Write permissions to the owner and group of the filename and only Read permissions to other users
In order to Modify the permissions of a file, you have to either own that file or be an admin.

Now if for example, you are logged in as root and you want to give userA the ability to use chmod command on a file, then you should use the Chang Owner (chown) command.

Syntax is like chown userA:groupA filename. This will change the filename owner and group to userA and groupA respectively
 

Cheerag Nundlall

Well-known member
Registered
Joined
Oct 12, 2016
Messages
333
Points
18
Cheerag Nundlall
Syntax is like chown userA:groupA filename. This will change the filename owner and group to userA and groupA respectively
On some websites, they guide use chown userA.userA path
why there are differences between commands above?
Which one is correct?
 

Efe Agbontaen

Member
Registered
Joined
Sep 4, 2020
Messages
49
Points
6
Efe Agbontaen
If your Present Directory is in the same folder that the file or directory is, then you can simply use the file name.

But if you are in a different folder, For example, you are in your home folder /home and the folder or file is in /var/www, then the command will be:

chown userA:groupA /var/www/filename
 

tuxandrew

Well-known member
Registered
Joined
Aug 19, 2012
Messages
126
Points
18
Chmod used to change the permission of a file or a directory.
Chown used to change the ownership of a file or a directory .

read-4
write-2
execute -1

chmod 644 <file name> # example

- assign what kind of permissions for the users to have on this file.

Here,
- owner of the file has 4+2 =6 [ read and write] permission.
- users in a group which the file belongs and other users in the system has 4 [read] only permission


chown user:user <file name> #example
The chown command stands for "change owner"

- Can assign ownership for user and group to have the privileges to access the file for operations.
 

Cheerag Nundlall

Well-known member
Registered
Joined
Oct 12, 2016
Messages
333
Points
18
Cheerag Nundlall
When I changed to 644 on websites on centos web panel, website didn't work but when changed to 755, website worked. Why?
 

Efe Agbontaen

Member
Registered
Joined
Sep 4, 2020
Messages
49
Points
6
Efe Agbontaen
It depends on the Web Application. Some web application require certain folders to have full permissions ie 777.
For example, Laravel requires /storage folder and it's contents to have 777. Some require less permissions.

But to find out what your issue is, what exact error do you get when you change permissions to 644?
 

fiz

Well-known member
Hosting Provider
Registered
Joined
Aug 6, 2020
Messages
116
Points
16
fiz
Folders should have 0755 and files should have 0644 permissions mostly.
Config files including .htaccess must have 600.
 
Last edited:

Efe Agbontaen

Member
Registered
Joined
Sep 4, 2020
Messages
49
Points
6
Efe Agbontaen
Okay if you got a 500 error, that means the Web Application is likely having issues and you need to know the exact error.

What you need to do is to go to your apache error log files to check what exactly is the error. Usually, it's an issue with just a single file and once you fix that, it will work.

Also, it would help to know what web application or cms you are using
 

fiz

Well-known member
Hosting Provider
Registered
Joined
Aug 6, 2020
Messages
116
Points
16
fiz
Here are the commands you can use to achieve it.

For directories:
find /home/username/public_html -type d -print0 | xargs -0 chmod 0755

For Files:
find /home/username/public_html -type f -print0 | xargs -0 chmod 0644
 

fiz

Well-known member
Hosting Provider
Registered
Joined
Aug 6, 2020
Messages
116
Points
16
fiz
These commands will apply permissions to all directories/files in the directory you write after find. replace /home/username/public_html with your desired location.
 

fiz

Well-known member
Hosting Provider
Registered
Joined
Aug 6, 2020
Messages
116
Points
16
fiz
It will apply 755 to all files and folders as you said.
 

Efe Agbontaen

Member
Registered
Joined
Sep 4, 2020
Messages
49
Points
6
Folders should have 0755 and files should have 0644 permissions mostly.
Folders should have 0755 and files should have 0644 permissions mostly
I think it is important to mention particularly that files with config information like database details should have 600. Especially when in a shared environment.

Short story:
I was contacted to cleanup a hacked WordPress website. Hacked due to an unsecure WordPress plugin. The hacker then uploaded what I consider a "beautiful script". What the script does is to bruteforce the config location of popular webapps in the /var/www directory...Some of them includes:

WordPress
Joomla
WHMCS and many more

It then created a symlink to these files. And just like that almost all the websites were hacked.

Now the ones that survived the attack are the ones that set their config files to 600 which was about 1 or 2 websites.

Think about it. 644 means:
  • I can read and write to this file
  • Anyone in my group can read this file but not write
  • All other people including an hacker can read this file but not write
 

Chris Worner

Well-known member
Registered
Joined
Apr 15, 2016
Messages
612
Points
28
Chris Worner
I was contacted to cleanup a hacked WordPress website. Hacked due to an unsecure WordPress plugin
I am just curious how you detect a hack from an unsecure WordPress plugin? did you use any tools to find?
 

tuxandrew

Well-known member
Registered
Joined
Aug 19, 2012
Messages
126
Points
18
tuxandrew
You can perform online as well as offline malware scan periodically on your website files to identify vulnerabilities in code or plugins.

Online - you can check for https://sitecheck.sucuri.net/, there are lots of other scanners available online.

Offline - it is clamscan, maldet are few others.
 
Last edited:

fiz

Well-known member
Hosting Provider
Registered
Joined
Aug 6, 2020
Messages
116
Points
16
fiz
If you have a VPS with cPanel which is mostly the case these days. You can have Imunify for FREE. You can run a scan periodically to make sure everything is fine and there is no malware on the server. ClamAV + Maldet is also great and they even provide your cPanel users an option to run a scan whenever they want. There is a lot you can do if you have root access and know how to use Linux.
If you are on Shared Hosting and your Hosting Provider doesn't have the option of Virus Scanner in cPanel then you can use Online Scanners as my friend mentioned in posts above but sometimes they can't read everything you have in your account.

I always suggest people to hire someone to maintain your website so that you can focus on your business rather than handling these issues by yourself. You cannot do everything in your business. and if you are doing everything in your business then you are probably spending more time (which is actual money) than the money you are saving.
 

Efe Agbontaen

Member
Registered
Joined
Sep 4, 2020
Messages
49
Points
6
Efe Agbontaen
If you want to detect if you have been infected in the first place, like others said, there are tools you can use.
But in this case, I wanted to know how exactly the hacker broke in. Since it's a Web App, I'm sure they came in through the web (ie apache) and not some other vulnerability. So I just scanned the Access log of that website manually.

I can't post the actual exploit here, but this screenshot is an example of how I tracked exactly what they did:
Hack.png
 

Efe Agbontaen

Member
Registered
Joined
Sep 4, 2020
Messages
49
Points
6
Efe Agbontaen
Lol, no it's not the scripts that are being saved by the logs.
They are just access logs.

The shell script must have already been put on the file system by the attacker. When the Attacker tries to load these scripts via a Web Browser or any other software that makes requests to the Web server, the Web Server will log that action.

It is very much controllable.
 

fiz

Well-known member
Hosting Provider
Registered
Joined
Aug 6, 2020
Messages
116
Points
16
fiz
Oh yes, you are right. Config files including .htaccess must have 600. It was more like a 500 error kind of situation, so the motive was to help him fix that. But you are absolutely right, should've mentioned this too.
 

hostguy

Member
Registered
Joined
Sep 9, 2020
Messages
49
Points
6
with Chmod command you can change only file permission and give your file Read, write and execute permission. You can also set users with chmod command. I would recommend to check Chmod command.

On the other hand you can change file ownership and permission with Chown command. I would recommend to check Chown command.
 

sam@12

Member
Registered
Joined
Jun 8, 2021
Messages
62
Points
6
chown is to change ownership of the user and group and chmod is for changing permission assigning to user and group
 

sam@12

Member
Registered
Joined
Jun 8, 2021
Messages
62
Points
6
chmod ( change mode ) allows you to control exactly who is able to read, edit, or run your files.
chown ( change owner ) chown command is used to change the file Owner or group. Whenever you want to change ownership you can use chown command.
 

jhonalbert

Member
Registered
Joined
Mar 3, 2022
Messages
16
Points
1
The chmod command stands for “change mode”, and allows changing permissions of files and folders.
The chown command stands for “change owner”, and allows changing the owner of a given file or folder, which can be a user and a group.
That's the difference between them in a nutshell.
 

Cheerag Nundlall

Well-known member
Registered
Joined
Oct 12, 2016
Messages
333
Points
18
Cheerag Nundlall
Your explanation is easy to underhand, I used to use chown command on my VPS and dedicated servers because sometimes I move files and folders from another hosting but with root account so I need change owner for them, must use this command :)
 

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top