cancel
Showing results for 
Search instead for 
Did you mean: 

Magento CE 1.7.0.2 and file/directory permissions

SOLVED

Magento CE 1.7.0.2 and file/directory permissions

Hello,

 

I have a Magento CE 1.7.0.2 installation patched with available patches running on a dedicated server. The Apache Web Server is running by user "nobody", while all my files and directories are owned by a different user which I use to access the server via SSH/SFTP. The PHP is running as suEXEC. The file/directory permissions described at the below article don't work for my installation:

 

http://devdocs.magento.com/guides/m1x/install/installer-privileges_after.html

 

I have also noticed the following:

 

  • When I upload pictures via Magento Admin, the relevant files are created with permissions 666 and owned by my SSH/SFTP user; i.e. not the user "nobody" running Apache Web Server. The same situation applies for directories which are created with permissions 777.
  • The above permissions and ownership also apply for file and directories created by Magento Connect Manager when I use it to install some free Magento Extensions.

So, my question is: Will the below file/directory permissions be appropriate for my Magento installation, or I will have security holes?

 

find . -type f -exec chmod 644 {} \;
find . -type d -exec chmod 755 {} \; 
find var/ -type f -exec chmod 644 {} \; 
find media/ -type f -exec chmod 644 {} \;
find var/ -type d -exec chmod 755 {} \; 
find media/ -type d -exec chmod 755 {} \;
chmod 550 lib/Mage chmod 700 includes chmod 600 includes/config.php

 

2 ACCEPTED SOLUTIONS

Accepted Solutions

Re: Magento CE 1.7.0.2 and file/directory permissions

Since you run suEXEC, you can set the permissions for all files to 644 and all directories to 755. 

 

You will not need to run insecure permissions like 666 and 777. 

View solution in original post

Re: Magento CE 1.7.0.2 and file/directory permissions

Hello,

 

What about the following? Are the appropraite for my setup?

 

chmod 550 lib/Mage

chmod 700 includes

chmod 600 includes/config.php

View solution in original post

3 REPLIES 3

Re: Magento CE 1.7.0.2 and file/directory permissions

I also believe that the below is not applicable for Magento 1.7.0.2:

 

chmod 550 lib/PEAR

Re: Magento CE 1.7.0.2 and file/directory permissions

Since you run suEXEC, you can set the permissions for all files to 644 and all directories to 755. 

 

You will not need to run insecure permissions like 666 and 777. 

Re: Magento CE 1.7.0.2 and file/directory permissions

Hello,

 

What about the following? Are the appropraite for my setup?

 

chmod 550 lib/Mage

chmod 700 includes

chmod 600 includes/config.php