I have Magento CE 188.8.131.52 site running no problem (under VPS hosting), after successfully applied some patches, I followed EXACTLY new permission recommendation at http://devdocs.magento.com/guides/m1x/install/installer-privileges_after.html to set the permission (400 for files and 500 for directories), then find my web with "forbidden" error. Does read only permission for all files under website directory including index.php look ridiculous? Does index.php require at least 500 permission? Previous permission settings were 644 for files and 711 for directories. After restoring such permission, the web is working now. It is ascertained that new recommended permission is not appropriate for my hosting environment. Question: 1. the article did not state / mention any requirement for hosting conditions or environment such as apache or php version or modules etc. which gives reader an impression that the new recommended permission settings are irrelevant to hosting environment…..I don’t know. Can anyone tell how true it is? 2. Are such severe permission really making sense and necessary? Such permission make user unable to easily manage web folder using FTP such as WinSCP, to easily alter / update web content, to easily manipulate web page using javascrip. It created a lot of inconvenience to user…what happen to this new recommendation?