Magento 2 folder/file permissions

  • I suspect that the permissions might have gotten messed up on my Magento 2 installation. On the old versions I would run the following command to make folders 755 and files 644:

    find . -type f -exec chmod -c 644 {} \; && find . -type d -exec chmod -c 755 {} \;
    

    Can you please let me know what the correct file and folder permissions are for Magento 2 since they seem to be different? Also, if there are some particular folders or files that would need different permissions.

    Try 777 Permission before that take backup

    My server's PHP handler is suPHP and I don't really want to assign 777 to everything since that would practically open my website to anyone. Are there more specific permissions that can be assigned?

    Magento have the file permission on folders to 775 and for the files permission set to 644

    FYI, if magento 2 is in a "home" directory, `var/cache` and `pub/static` need suid bits set. I used: `find var/cache -type d -print0 | xargs -0 sudo chmod 1775`

  • you can refer http://devdocs.magento.com/

    The important things:

    The owner of the Magento file system: Must have full control (read/write/execute) of all files and directories.

    Must not be the web server user; it should be a different user.

    The web server user must have write access to the following files and directories: var app/etc pub (and probably new in 2.2.1:) generated

    In addition, the web server's group must own the Magento file system so that the Magento user (who is in the group) can share access to files with the web server user. (This includes files created by the Magento Admin or other web-based utilities.)

    We recommend setting the permissions as follows:

    All directories have 770 permissions.
    
    770 permissions give full control (that is, read/write/execute) to the owner and to the group and no permissions to anyone else.
    
    All files have 660 permissions.
    
    660 permissions mean the owner and the group can read and write but other users have no permissions.
    

    You should set as bellow recommended.

    cd <your Magento install dir> 
    
    find . -type f -exec chmod 644 {} \;                        // 644 permission for files
    
    find . -type d -exec chmod 755 {} \;                        // 755 permission for directory 
    
    find ./var -type d -exec chmod 777 {} \;                // 777 permission for var folder    
    
    find ./pub/media -type d -exec chmod 777 {} \;
    
    find ./pub/static -type d -exec chmod 777 {} \;
    
    chmod 777 ./app/etc
    
    chmod 644 ./app/etc/*.xml
    
    chown -R :<web server group> .
    
    chmod u+x bin/magento
    

    I hope this will help you.

    It only works for me with `\;`, e.g.: `find ./var -type d -exec chmod 777 {} \;`

    the issue here will be `chown` not `chmod` proper user with suPHP is the most important :)

    But this is for development mode. For production it should be group-readonly - no idea how that should work

    I think you also need `chmod u+x bin/magento` to be able to execute console commands.

    friends don't let friends 777

    I have apache, ec2-user and jenkins user. How I can set permissions for /var/www/site? Your variant isn't working for 3 users. Thanks.

    I always use the find variante with `+`, as in `find ./pub/static -type d -exec chmod 777 {} +;` and it runs MUCH faster. I never see this referenced though is that wrong?

    app/etc 777> Haha nice. Hackable easy. app/etc contains your db information

    @SwAt.Be There's a .htaccess file in the app folder with `Deny from all`, so why would this be a security concern? The web server user must be able to read this file anyway. Edit: On shared hosting I agree though

    @MilanSimek Well it depends much on how your internal permissions are set. Your app/etc directory should NEVER have 777 permissions. Only your user that actually does the connection should have permissions to that fille. Otherwise this can be a breach easily

    What about windows 7, how can i give above all commands to windows?

    I am uncertain if the answer is complete. I see some comments about chmod 777. So is the above answer correct? or should it be adapted?

    You said files should have `660` yet we set `644` to files? Why?

    chmod: changing permissions of './var/log/system.log': Operation not permitted

  • In some rare cases, you can't use 770 and 660, like @MagenX says, 755 and 644 could also be the permission you need. (Some Fast-CGI users I guess)

    So in that case, you run:

    find . -type d -exec chmod 755 {} \; && find . -type f -exec chmod 644 {} \; && chmod u+x bin/magento
    

    That seems to fix it, but if Magento generates new files or directories, those will have the permission 770 and 660 again. You can edit those default chmod values in the following files:

    /vendor/magento/framework/Filesystem/DriverInterface.php 
    (WRITEABLE_DIRECTORY_MODE and WRITEABLE_FILE_MODE)
    
    /lib/internal/Cm/Cache/Backend/File.php 
    (directory_mode and file_mode)
    

    After these changes, run the first command again and after that, newly generated files shouldn't be an issue anymore.

    Note: Editing files like this is never a good idea, but I suspect these chmod options are going to be configurable in the future, so I took the easy way.

    Cant find /lib/internal/Cm/Cache/Backend/File.php on M231

    @snh_nl In newer Magento version, they don't set the permission anymore if they do, it looks like they use 775. After a fresh installation you can just run: find . -type f -exec chmod 664 {} \; find . -type d -exec chmod 775 {} \; find ./var -type d -exec chmod 777 {} \; find ./pub/media -type d -exec chmod 777 {} \; find ./pub/static -type d -exec chmod 777 {} \; chmod 777 ./app/etc chmod 644 ./app/etc/*.xml chmod u+x bin/magento In the root and you should be fine.

  • You can use the method like the Magento documentation recommends:

    find . -type f -exec chmod 664 {} \;
    find . -type d -exec chmod 775 {} \;
    find var pub/static pub/media app/etc -type f -exec chmod g+w {} \;
    find var pub/static pub/media app/etc -type d -exec chmod g+ws {} \;
    chmod u+x bin/magento
    

    How to give write permission to generated folder in windows? @Rafael Corrêa Gomes

    I still get `".../var/cache/" is not writable`

  • sudo find . -type d -exec chmod 770 {} \; && sudo find . -type f -exec chmod 660 {} \; && sudo chmod u+x bin/magento
    

    For local development set pub and var to 775 or 777

    why? (There is minimum to a comment length)

    Why do unknown users need access to pub or cache??

  • If you are using SELinux ̣(e.g. CentOS) try:

    sudo chcon -R -t httpd_sys_rw_content_t var
    

    (from magento root folder of course)

  • In Magento Community recommend

    We recommend setting the permissions as follows:

    All directories have 770 permissions. 770 permissions give full control (that is, read/write/execute) to the owner and to the group and no permissions to anyone else.

    All files have 660 permissions. 660 permissions mean the owner and the group can read and write but other users have no permissions.

    For more ref this link https://devdocs.magento.com/guides/v2.3/install-gde/prereq/file-system-perms.html

  • no special permissions, you just make sure that files owned by user who runs php or in case of cPanel - cpanel user, and same group

    so your command is good:

    find . -type f -exec chmod -c 644 {} \; && find . -type d -exec chmod -c 755 {} \;
    

    just update files owner:

    chown -R user:user *
    

    where user is the owner, user who runs php.

    instead of changing permissions everytime, login / work as proper user, files owner, from root to user:

    cd /magento/root/folder/
    su $(stat -c '%U' index.php) -s /bin/bash
    whoami
    pwd
    

    How to give write permission to generated folder in windows? @MagenX

  • Put this content inside your root folder, then execute it with the console.

    Dont forget to chmod +x yourfile.sh.

    #!/bin/sh
    chmod 2775 -R .
    
    chmod 777 -R ./pub/
    
    chmod 777 -R ./var/
    

    how can i put this code ? as htacces or php file

    Avoid this, it's basically making your webserver directory open to the public. instead read the devdocs provided by magento to properly secure the version your running.

  • find . -type f -exec chmod 400 {} \;
    find . -type d -exec chmod 500 {} \;
    find var/ -type f -exec chmod 600 {} \;
    find media/ -type f -exec chmod 600 {} \;
    find var/ -type d -exec chmod 700 {} \;
    find media/ -type d -exec chmod 700 {} \;
    chmod 700 includes
    chmod 600 includes/config.php
    

    Also detailed information is available on, http://devdocs.magento.com/guides/m1x/install/installer-privileges_after.html

    Question calls for advise on Magento 2

License under CC-BY-SA with attribution


Content dated before 6/26/2020 9:53 AM