How to Set Magento 2 File System Ownership and Permissions?

How to Set Magento 2 File System Ownership and Permissions?

Hello folks, Here I will discuss “How to set Magento 2 file system ownership and read-write permissions for the webserver group”.

Before that, First, let’s understand why we need to set this ?

In a development environment, we want our Magento latest version installation to be secure. To prevent issues that are related to unauthorized access and are potentially harmful to our system, I’m suggesting some helpful guidelines related to Magento file system ownership and permissions which are as follows:

1. The web server user should not be the owner of the Magento 2 file system, however, the webserver user must have write access to some directories and folders.

2. The user who owns the Magento 2 files and directories must not be root and must be a member of the Webserver group.

3. The user who owns the Magento 2 file system must have full control (read/write/execute) of all files and directories.

4. The web server user and the web server must have the write access to the following directories:

  • var
  • app/etc
  • pub/static
  • pub/media

Other than these folders and files, web server user must own the files created by Magento 2 admin.

Before that, First, let’s understand why we need to set this

When do we need to set Magento 2 ownership and permissions?

To avoid its pre-installation, file system permissions issues and web server read/write errors. It is necessary to set the Magento 2 file system ownership and permissions, so the setup wizard or command line can write files to the Magento file system. After installation, we need to reset Magento 2 file system ownership and permissions in the following cases:

1. When copying files via FTP, the copied files may have the wrong permissions, or the wrong group.

2. If Magento files have a different group than the files you just copied or installed.

The recommended permissions are as follows:

All folders must have permission 775.

775 for folders, can be fully controlled by the user and the group.It  enables everyone to traverse the directory. These permissions are typically required by shared hosting providers.

All files must have permission 664.

664 for files are writable by the user and the group. Others can just read.

The recommended permissions

To set Magento 2 ownership and permissions on ubuntu/Debian run the following commands:

1. Check the web server’s user and user user’s group

ps aux | grep apache 

groups www-data

Usually, both the user and the user’s group are www-data.

2. Create a new user and add to the web server group:

adduser <user-name>

useradd <user-name> <web-server-group>

usermod -a -G www-data <user-name>

ex:

adduser magento

useradd magento www-data

usermod -a -G www-data magento

3. Navigate to Magento 2 installation root directory:

cd /var/www/html/<magento-root-dir-name>

4. Set ownership:

chown -R <user-name>:<web-server-usr> . 

(including the last point dot, sets owner for all files under current Magento 2 installation) 

ex:

Ubuntu: chown -R magento:www-data .

CentOS: chown -R magento:apache .

5. Set permissions:

find . -type f -exec chmod 644 {} \;        

find . -type d -exec chmod 755 {} \; 

find ./var -type d -exec chmod 777 {} \;    

find ./pub/media -type d -exec chmod 777 {} \;

find ./pub/static -type d -exec chmod 777 {} \;

chmod 777 ./app/etc

chmod 644 ./app/etc/*.xml

chmod u+x bin/magento        // add the execute permissions for bin/magento

I hope that we have understood the procedure of Magnto 2 File Permission and Ownership and above information might be useful to you. If you have any query related to this topic, ask/write to me.

Related articles