skip to Main Content

Magento officially recommends to set the permission of all folders to 700 and of files to 600. (Source)

They instruct us to execute these commands to set the permissions:

find . -type d -exec chmod 700 {} ;
find . -type f -exec chmod 600 {} ;

However, now I get 403 forbidden when I try to access the site.

Should I change it to 766 (folders) and 666 (files) instead?

2

Answers


  1. It depends very much on the configuration of your system.

    When you are setting all permissions with the command of your question, executed as root, you are allowing only the root user to access these files.

    The permission mask reads as follows:

    000
    ^^^
    |||
    ||+--- Other
    |+---- Group
    +----- Owner     
    

    So a permission mask of 600 with a root ownership wouldn’t let the webserver’s user (or php process’ user) to read or access those files.

    The first step would be to find out ther user that’s running your webserver (Apache, Nginx, or whatever you are using), and the user assigned to your php process (in case you are using something like php-fpm).

    If you are on an Ubuntu system, more likely than not that user is www-data. But you should make sure, since the details are configuration dependent.

    Assuming the user you got is www-data, you go to the directory where you were runnig the chmod and change all the files so they are owned by this user:

    chown -R www-data: {.??,}*
    

    Later you apply the permissions from your question, and it should work.

    Note: This is probably not how I would set up an installation, security wise, but that is beyond the scope of the question.

    Login or Signup to reply.
  2. You should change the ownership like this:

    sudo adduser <username> www-data
    sudo usermod -a -G <username> www-data
    sudo chown :www-data /var/www -R
    sudo chmod g+rwX /var/www -R
    sudo chmod g+s /var/www
    

    Also set magento required permission to files and folder

    find . -type f -exec chmod 644 {} ;
    find . -type d -exec chmod 755 {} ;
    chmod 550 mage
    

    Hope these help.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search