As @Viper007Bond noted, updating your core, plugins, and themes via the built-in update mechanisms is pretty safe, as far as file-permissions go, because they can use your actual user credentials. For maximum safety, you want to make sure that you have the 一零零 installed. The method of installation (if possible) can vary from host-to-host, so if it\'s not already there, you might need to ask the hosting service, or do some Googling.

Many shared hosting services will use 一零一 in their Apache setup, so that the web service runs as the actual user. This eliminates most permission problems and helps protect your files from other users on the server. However, in cases where Apache runs as a separate user, if you want to upload files into WordPress, you have to open up permissions on the upload directory.

In this case, you probably want your 一零二 directory to have 一零三 permissions, (AKA 一零四). This gives the directory owner full permissions, their group can read files if they know the full path, and others (including the web server) can read files to which they know the path and can create/write files.

Some caching plugins also expect to have a 一零五 directory (or similar) available that they can write to. The same permissions advice would apply to that.

Lastly, for pretty permalinks, WordPress needs to be able to modify the 一零六 file, unless you plan to update it manually. In this case, you\'d want 一零七 for the file mode. However, once you\'ve settled on your permalink structure, you normally won\'t need to change this again, so you could turn off the extra write permissions, and set it to 一零八. Occassionally, a plugin or core upgrade might require access to it, and you could temporarily turn write permissions back on for that, then turn it back off again.

All other files should have 一零八 permissions. Directories should be 一零九 if you\'re extra-paranoid, but that could interfere with any plugins that need to get a list of files from a directory. In that case, or if you aren\'t quite as paranoid, use 一一零, which will allow others to read, but not write.

Most of this is mainly a concern if you are on shared hosting. If you have a dedicated server (including VPS), with no other users that have ssh/ftp access, then you can relax a little more. I don\'t mean that you should just make everything openly writable, but you can probably just trust the system defaults, which will probably be 一一零 permissions on directories instead of 一零九.

If it is an option, get an SSL certificate installed for the site, and once you\'ve tested that you can access your site via 一一一, you can force SSL for admin logins and access by adding these lines to your 一一二 file, just before the \'Stop editing\' comment: