Managing Files in cPanel: Upload, Edit, Permissions

File management is one of those topics that sounds simple but trips up new users in oddly specific ways — wrong upload location, mysterious permission errors, “where do my emails actually live”. This guide covers the three things you’ll do most often in cPanel: uploading files, editing them, and fixing permissions when things break.

Where your files actually live

When you log into cPanel, you’re inside your home directory (typically /home/yourcpaneluser/). The single most important folder inside it is public_html/ — that’s the document root for your main domain. Anything inside public_html/ is accessible via your website’s URL.

• /home/yourcpaneluser/public_html/index.html → yourdomain.com/index.html
• /home/yourcpaneluser/public_html/blog/article.html → yourdomain.com/blog/article.html
• /home/yourcpaneluser/public_html/wp-config.php → not accessible via URL directly (protected at the server level), but lives in that folder.

Files outside public_html/ exist but aren’t web-accessible. That’s where you put backups, logs, scripts you run via cron, mail directories — anything that needs to be on the server but should never be downloadable by anyone visiting your site.

Using File Manager

Open cPanel → Files → File Manager. You’ll land in your home directory. Double-click public_html to enter it.

Uploading files

1. Navigate to the folder you want to upload into.
2. Click Upload in the top toolbar.
3. Drag files into the upload area, or click Select File.
4. Watch the progress bars — each file shows a separate one. Don’t close the tab until all complete.
5. Click Go Back to return to the folder view. Refresh to see your uploads.

Upload size limit: File Manager’s upload limit is typically 500 MB. For larger files, use SFTP (covered below) or upload a zip and extract on the server.

Editing files

Right-click any file → Edit or Code Edit. Code Edit gives you syntax highlighting; Edit is plain. For most things (.htaccess, PHP, CSS), Code Edit is the right choice.

Make your changes, click Save Changes in the top-right. Always test your site immediately after editing — particularly for .htaccess or wp-config.php, where a syntax mistake can take the whole site offline.

Extracting and creating archives

Right-click a .zip / .tar.gz / .tar.bz2 → Extract. You’ll be asked where to extract to (default: same folder). For large archives, this is much faster than uploading the extracted files individually.

To create an archive (useful for downloading a whole folder), select files/folders → Compress in the toolbar. Choose .zip format unless you have a specific reason for something else.

Using SFTP (better than File Manager for serious work)

For uploading large files, working with many files at once, or editing in your own code editor (VS Code, Sublime, etc.), SFTP is the right tool.

Connection settings

Use SFTP, never FTP. FTP transmits passwords in plain text — they’re trivially intercepted. SFTP encrypts everything. All major SFTP clients (FileZilla, Cyberduck, WinSCP, Transmit) support it.

Editing directly from VS Code

If you live in VS Code, install the SFTP extension by Natizyskunk (or Remote – SSH if your plan includes SSH). Configure once, and you can edit server files as if they were local — saves push to the server automatically.

File permissions, demystified

Linux file permissions are why your contact form sometimes refuses to send mail, why WordPress can’t write to your uploads folder, or why a script returns “500 Internal Server Error”. They’re not as mystical as the 3-digit numbers make them look.

Each file or folder has permissions for three groups: owner (you), group (Apache/LiteSpeed), world (everyone else). Each group has three permissions: read (r=4), write (w=2), execute (x=1). The 3-digit number is just the sum of those three groups.

The standard rule for almost any web stack: 644 for files, 755 for folders, 600 for secrets. If you’ve ever been told to chmod something to 777, the actual fix is one of these three numbers.

Changing permissions in File Manager

Right-click any file or folder → Change Permissions. The checkboxes show what each digit represents. Set the number, click Change Permissions.

Bulk permission fixes via SSH

If permissions have drifted across an entire site (you’ll see this if you’ve moved a site from another host with different settings), reset everything in one go via SSH:

cd ~/public_html
find . -type d -exec chmod 755 {} ;
find . -type f -exec chmod 644 {} ;
chmod 600 wp-config.php

First two commands reset all folders to 755 and files to 644. The third locks down wp-config.php specifically. Run from the root of your site (~/public_html).

Common file management issues

“500 Internal Server Error” after editing .htaccess. You introduced a syntax error. Open File Manager, navigate to public_html, edit .htaccess, and either fix the error or temporarily rename it to .htaccess.bak to disable it while you sort things out.

Hidden files (.htaccess, .env) not showing in File Manager. Top right → Settings → check Show Hidden Files (dotfiles). They’ll appear immediately.

“Permission denied” when uploading. The target folder’s permissions don’t allow your account to write. Right-click → Change Permissions → confirm folder is 755.

WordPress shows “Briefly unavailable for scheduled maintenance”. File Manager → public_html → look for a file called .maintenance → delete it. Site comes back instantly. (This file is created during plugin/WordPress updates and sometimes doesn’t auto-delete if an update crashes mid-way.)

Large file uploads time out. Use SFTP, not File Manager. Or upload as a zip and extract.

What’s next

• Brand-new account? Start with logging into cPanel and navigating the dashboard.
• Installing WordPress? Two-method WordPress install guide.
• Securing your install? WordPress hardening checklist — file permissions are step 10.

Once you’ve uploaded your first site and fixed your first permissions issue, you’ve passed the hardest part of cPanel. Everything else is more of the same — just in a different menu.