Considering the advanced security, Magento is upgrading on daily basis. As a result, the recommendations for owners and file systems are updating with time. Here we will discuss Magento permissions for the following Mage versions.
1.Mage EE (Enterprise Edition) version 1.9 or later
2.Mage CE (Community Edition) version 1.4 or later
Although Mage permission and merchant privileges might differ from each other.
Mage Terminals
There are two types of Mage file systems described below regarding terminology.
Hosted file server
Hosting server is the location of Mage server. You simply do not have root access on this kind of server. Further the general user acts as a web server. Just log in as a general user to control the web server. In this case your Mage store assumes you as owner of files under system DIR. Therefore, use “chmod” to edit permissions on directory files and folders.
Dedicated file server
In these kinds of file system, you’re on the cruising seat. Unlike with the hosted system here you can root the system. Both “chown” and “chmod” are familiar for these jobs.
Combinations of Magento permissions
Here few most familiar combinations are discussed undertaking the use by coders.
Following is an explanation of the Mage permissions:
400: These permissions prevent users to over write any files in web server. Furthermore, the Mage permission protects the server from overwriting with malicious content. (-r——–)
500: It is also a Mage permission for users to read and execute. Additionally, it gives an extra edge to the mistakenly deleted files and mod of file. So, a web user can easily modify the files of DIR. (dr-x——)
600: Finally, the user can write and over write media and vars by enabling the permissions. (-rw——-)
700: Last but not least, the permission enables read, write & execution option for media, var and DIR files and folders. (drwx——)
Recommended setups
If you’re using a dedicated server and you have access to root, you can change the permissions to the installed Mage directory and so on subdirectories.
Code: “chown -R web-server-user-name”
Here we are assuming Ubuntu as your file system. Hence in Ubuntu Apache often runs as www-data. So, enter the following code for Ubuntu.
Code: “chown -R www-data”
Enter the following commands to set Magento permissions:
find . -type f -exec chmod 400 {} \;
find . -type d -exec chmod 500 {} \;
find var/ -type f -exec chmod 600 {} \;
find media/ -type f -exec chmod 600 {} \;
find var/ -type d -exec chmod 700 {} \;
find media/ -type d -exec chmod 700 {} \;
chmod 700 includes
chmod 600 includes/config.php
Mage extensions & temporary resetting
Suddenly setting up above Mage permission as above certainly cause an error. Specifically, the warnings look like the following.
“Warning: Your Magento folder does not have sufficient write permissions.”
How to set temporary permissions?
In Ubuntu you can access using following path /var/www/magento.
Next enter following cmds:
“find . -type d -exec chmod 700 {} \;
find . -type f -exec chmod 600 {} \;”
Hereafter you can smoothly run Mage connect manager to install extensions.
Here are the few steps to follow for installing Mage extensions using Mage connect manager.
1.Firstly set 700/600 permissions on your Mage installation dir and subdir on a temporary basis.
2.Secondly you can install the required extension.
3.Thirdly Mage connect requires 777 permissions to install extensions.
4.Finally reset the permissions to previously recommended values.
Further information is available in Mage official for systems using Unix & CentOS etc.
However, there are very few owners whom are familiar with the systems like Ubuntu, Unix and CentOS etc. Also the mage permissions are quite difficult to understand. Afterall we always want it simple. You can simply change permissions using cPanel by Aspiration hosting. Our plans begins at $9.99 per month.
Tanzia Farin Chy for Aspiration Hosting