Magento file system ownership and permissions
Posted by navaneeth on Jan 18, 2016 in General, Magento | No comments yet

In this section we are going to discuss on how we can set magento file system ownership and permissions:
- Why do we set file system permissions
- Magento File system ownership and permissions
Why do we set file system permissions
Being living in a internet age exploits are a real concern, in-order to prevent malicious exploits we need to take advantage of the file system by setting Magento file system ownership and permissions in a particular way. For more information, see Overview of ownership and permissions.
These are the things needs to keep in mind:
The Magento file system owner:
They must have the full control of all directories and files
This user must be kept as a different user not the web server user and the web server must have the write access to:
- var
- app/etc
- pub
Other than this folders and files web server user must own the files created by Magento Admin or other web-based utilities
So the recommended permissions is as follows:
- All folders must have permission 770.
770 permissions give read/write/execute only to the owner and group and no permissions to others - All files have must have permission 660.
660 permissions give read/write/ only to the owner and group and no permissions to others
File system permissions and ownership
The steps taken to set the permissions and ownership is as follows:
1. Change to the Magento installation directory:
cd /path/to/magento/root
Examples:
Ubuntu: /var/www/magento2
CentOS: /var/www/html/magento2
2. Set ownership:
chown -R : web server user.
Typical examples:CentOS: chown -R :apache .
Ubuntu: chown -R :www-data .
3. Set permissions:
sudo find . -type d -exec chmod 770 {} \; && sudo find . -type f -exec chmod 660 {} \; && sudo chmod u+x bin/magento
Hope this section helps to know about the magento file system ownership and permissions
Leave a Reply