SysadminGuide

How to change file permissions with chmod

Permissions look arbitrary right up until the numbers click, and then they're obvious. chmod 644 means the owner edits a file and everyone else only reads it. chmod 755 adds the right to run, which is what folders and scripts need, and honestly that's most of what we type all day. When a script flat out refuses to run, the fix is almost always chmod +x, nothing cleverer. The three digits are just three groups, owner then group then everyone else, and each one adds read, write or execute. We'll walk the numbers, the symbolic shortcut for a quick one-off change, and the recursive -R that's handy right until it isn't. We leave 777 out of it, because it's almost never the real fix.

The short answer

chmod 644 file for a normal file, chmod 755 dir for a folder or a script, chmod +x script.sh to make something runnable. Add -R to apply a mode down a whole tree. The three digits are owner, group, others.

644: files, owner writes, others read
755: folders and scripts, add execute
+x: make one file runnable
[Figure: The two numbers you use daily, plus the symbolic shortcut.]

Read the three digits

Each digit is one set of people: the owner, then the group, then everyone else. Inside a digit you add up read (4), write (2) and execute (1). So 6 is read plus write, 5 is read plus execute, 7 is the lot. chmod 644 gives the owner read and write and leaves the rest read only, which is what we want on a plain file nobody should be running. Run ls -l afterwards and you can read the same thing straight off the permission string on the left.

Linux
chmod 644 notes.txt

Folders and scripts need execute

Here’s the bit that catches people: a folder needs the execute bit too, not to be “run” but to be entered at all. So a folder and a script both want 755, where the owner can change things and everyone else can read and run them. Get this wrong on a web directory and you’ll stare at a 403 that has nothing to do with your config.

Linux
chmod 755 deploy.sh

The quick symbolic change

When you only want to flip one bit, recomputing all three digits is a waste. The symbolic form just says what changes: +x adds execute, -w removes write, and you can aim it with u for the owner, g for the group, o for others. I reach for this far more than the numeric form in day-to-day work.

Linux
chmod +x backup.sh
[Figure: ls -l before and after: the x is the execute bit you just set.]

Apply it down a tree, carefully

-R walks into every file and subfolder. It’s the right tool for fixing a whole tree at once, but it’s blunt: chmod -R 755 also stamps the execute bit onto every plain file, which is messy and, on anything public, a small security smell. When folders and files need different modes, set them separately (find is the usual way) instead of blanket-applying one number.

Linux
chmod -R 755 site/
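
One way to do the separate pass with find, as an added example that is not from the original page. The function names (fix_tree, count_exec_files, count_world_writable, make_sample_tree) are hypothetical, and the site/ tree is constructed sample data in a temporary directory.

```shell
#!/bin/sh
# Added example: separate modes for directories and files with find.
# All paths below are constructed sample data in a temporary directory.

# fix_tree DIR: directories get 755, regular files get 644.
# -type d and -type f do not match symlinks, so links are left alone.
fix_tree() {
    [ -d "$1" ] || { echo "fix_tree: not a directory: $1" >&2; return 1; }
    find "$1" -type d -exec chmod 755 {} +
    find "$1" -type f -exec chmod 644 {} +
}

# count_exec_files DIR: regular files whose owner execute bit is set.
count_exec_files() {
    find "$1" -type f -perm -0100 | wc -l | tr -d ' '
}

# count_world_writable DIR: files or directories anyone can write to.
count_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 | wc -l | tr -d ' '
}

# make_sample_tree: constructed site/ layout with one script, two plain files.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/site/css"
    echo '<h1>hi</h1>' > "$t/site/index.html"
    echo 'body{}' > "$t/site/css/main.css"
    printf '#!/bin/sh\necho deploy\n' > "$t/site/deploy.sh"
    echo "$t/site"
}

demo() {
    site=$(make_sample_tree) || return 1
    chmod -R 755 "$site"                    # the blunt approach from the text
    echo "after chmod -R 755: $(count_exec_files "$site") executable files"
    fix_tree "$site"
    chmod +x "$site/deploy.sh"              # only the script gets execute back
    echo "after fix_tree + chmod +x: $(count_exec_files "$site") executable file"
    ls -lR "$site"
    rm -rf "$(dirname "$site")"
}
demo
```

The two count functions double as a quick audit: run them on a real tree before and after a change to see how many plain files carry an execute bit or are writable by everyone.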

If you would rather click than count, the chmod calculator turns checkboxes into the exact number and back.

Frequently asked questions

What does chmod 755 actually mean?

Three digits, one per group: owner, group, others. Each digit adds read (4), write (2) and execute (1). So 7 is 4+2+1 (read, write, execute) for the owner, and 5 is 4+1 (read and execute) for the group and for everyone else. It is the standard mode for folders and for scripts that others need to run.

When do I need chmod +x?

When a file should be runnable as a program: a shell script, a downloaded binary, a hook. Without the execute bit the system refuses to run it even if the contents are fine. "chmod +x script.sh" sets it, and you can confirm with "ls -l", where an executable shows an x in the permission column.

How do I apply a permission to a whole folder?

Add -R for recursive: "chmod -R 755 mydir". Be careful, because it hits every file and subfolder. A common refinement is to give folders 755 and files 644 separately with find, since plain files rarely need the execute bit.

Is chmod 777 a good idea?

Almost never. 777 lets anyone read, write and run the file, which is a security hole and usually a sign of guessing at a permission problem rather than fixing it. If something will not work, find the right owner with chown or the right mode (often 644 or 755) instead of opening it to everyone.