8 Steps to Set Magento File Permissions for Admins
[Updated on July 9, 2025] Tired of seeing "Permission denied" errors crash your Magento store? Set magento file permissions to remove these frustrating roadblocks and secure your store.
In this tutorial, we will explain how to set file permissions and their benefits for users.
Key Takeaways
-
Magento file permissions control who accesses and modifies files.
-
Directories need 770/775 permissions while files need 660/644 permissions.
-
UMASK and CHMOD commands set and change file permissions.
-
Proper permissions enhance security and prevent malicious attacks.
-
Shared hosting and private hosting use different permission setups.
What Are Magento File Permissions?
Magento file permissions say who can change or execute files in the directory. Proper file permissions are essential for maintaining security and functionality.
Magento file permissions include:
-
Read (R): Allows users to view file contents. It is necessary for executing scripts and accessing configuration files.
-
Write (W): Permits users to change or edit files. It is a must for updating configurations, installing extensions, and files.
-
Execute (X): Grants users the ability to run scripts and programs. It is a must for Magento commands and scripts.
Magento recommends specific file permissions to ensure security and proper functioning. As of 2025, directories need 770 or 775 permissions, while files may need 660 or 644 permissions.
Types of Commands to Set or Change Permissions
1. UMASK Commands
UMASK (User file creation mask) sets default permissions for new files and directories. It works by subtracting the specified mask from the default permissions.
Common UMASK commands include:
-
umask: Displays or sets the file permissions mask for the current shell session.
-
umask [mask]: Sets the default permissions mask (e.g., umask 022).
2. CHMOD Commands
CHMOD (Change Mode) changes the permissions of files and directories.
Common CHMOD commands include:
-
chmod [options] permissions file/directory: Changes permissions (e.g., chmod 755 directory).
-
chmod -R [permissions] directory: Changes permissions for a directory and its contents.
-
chmod +x file: Adds execute permission to a file.
-
chmod u+s file: Sets the setuid bit for owner privileges.
-
chmod g+s directory: Sets the setgid bit for group inheritance.
Updated List of Magento File Permissions for 2025
| Permission | Description | Common Use |
|---|---|---|
| 644 | Owner: read/write; Group/Others: read-only | Magento PHP scripts, configuration files, templates |
| 755 | Owner: read/write/execute; Group/Others: read/execute | Directories for navigation and access |
| 660 | Owner/Group: read/write; Others: no access | Sensitive files (e.g., database credentials) |
| 770 | Owner/Group: read/write/execute; Others: no access | Directories with sensitive data |
| 664 | Owner/Group: read/write; Others: read-only | Log files, cache files |
| 775 | Owner/Group: read/write/execute; Others: read/execute | Directories with executable scripts |
Note: Avoid 777 permissions, as they grant full access to all users and pose security risks.
Magento 2 Directories and Their Recommended Permissions
| Directory/File | Recommended Permission | Use Case |
|---|---|---|
var |
770 | Stores logs, cache, and session data |
pub/static |
770 | Static resources for the Magento frontend |
pub/media |
770 | Media files like product images |
app/etc |
770 | Configuration files, never 777 |
| PHP scripts (e.g., templates) | 644 | Read-only for group/others |
Benefits of Setting Magento 2 File Permissions for Stores
1. Enhanced Security
Proper file permissions ensure that only authorized users can access files and directories. This prevents malicious attackers from gaining access to information like:
-
Customer data
-
Payment details
-
Administrative credentials.
2. Protection Against Malicious Activities
Setting restrictive permissions on files helps mitigate the risk of security threats, including:
-
Magento Malware Injections
-
Phishing attacks
-
Unauthorized code execution.
Admins can reduce the likelihood of security breaches and data compromises. You can limit access to components of the Magento site.
3. Improved Stability
Correct file permissions contribute to the stability and reliability of the Magento site. Assign the appropriate file permissions. It helps the application to function without encountering permission-related errors.
This ensures a seamless user experience for both customers and admins. Thus leading to increased trust and satisfaction.
4. Compliance
Adhering to file permission settings ensures compliance with industry regulations such as:
-
Payment Card Industry Data Security Standard (PCI DSS)
-
General Data Protection Regulation (GDPR).
Compliance with these regulations helps:
-
Protect sensitive customer information.
-
Avoid legal penalties.
-
Maintain trust in the brand's integrity.
-
Maintain a commitment to data privacy.
5. Data Integrity
Proper file permissions safeguard the integrity of data stored within Magento. Restricting access to critical files and directories helps admins prevent:
-
Accidental modifications
-
Deletions
-
Unauthorized changes.
This prevents data integrity from being compromised. This ensures that customer information, product details, and other data remain accurate.
6. Efficient Collaboration
Configuring appropriate file permissions enables users to collaborate on Magento projects. Admins can define roles and access levels based on job responsibilities.
This ensures that each user can perform tasks without interfering with others' work. This promotes collaboration and productivity across the organization.
7. Troubleshooting
Clear and consistent permissions make it easier to diagnose and troubleshoot issues. Admins can identify permission-related issues as malfunctions by configuring permissions.
This streamlines the Magento troubleshooting process. It also allows for faster resolution and cuts downtime for the e-commerce store.
How to Set Magento File Permissions in Magento 2?
1. For Shared Hosting (One User)
-
Log in to your Magento hosting provider’s control panel.
-
Locate the file manager tool to handle server files.
-
Navigate to the directory (e.g., public_html) where Magento is.
-
Select all Magento files and directories.
-
Set to 644 (read/write for owner, read for group/others).
-
Set to 755 or 770 (read/write/execute for owner, read/execute or none for others).
-
Save the changes in the file manager.
-
Check the permissions column in the file manager or use SSH to confirm.
2. For Private Hosting (Two Users)
-
Create a file system owner: adduser <username> and set a password: passwd <username>.
-
Identify the web server group (e.g., apache for CentOS, www-data for Ubuntu).
-
Add the file system owner to the web server group:
usermod \-a \-G \<web server group\> \<username\>. -
Restart the web server: service apache2 restart (Ubuntu) or service httpd restart (CentOS).
-
Use commands to set group write permissions and ownership:
cd/var/www/html/magento2 find var generated vendor pub/static pub/media app/etc \-type f \-exec chmod g+w {} \+ find var generated vendor pub/static pub/media app/etc \-type d \-exec chmod g+ws {} \+ chown \-R:\<web server group\> chmod u+x bin/magento -
Use ls -li to check permissions and ownership.
FAQs
1. Why does my website break after running setup:upgrade or setup:di:compile?
CLI commands run as root or a different user than the web server. Always run commands as the proper file system owner. Ensure bin/magento has execute permissions with chmod u+x bin/magento. Reset permissions after CLI operations using standard permission commands.
2. What should I do if I get "Permission denied" when trying to run bin/magento commands?
Add execute permission to the bin/magento file by running chmod u+x bin/magento. This error occurs when the bin/magento file lacks execute permissions.
3. How do file permissions affect backups and restores in Magento?
Magento backups can change file/folder permissions. It needs you to reset folder permissions to 755 and file permissions to 644. Verify and reset permissions after creating or restoring backups to prevent 500 errors. Check permissions when moving between servers as they may change during sync.
4. What file permissions issues occur when migrating Magento?
Copied files may have the wrong permissions or groups, leading to installation problems. Set proper ownership and run standard permission commands after migration. The web server user may be different on the new server. It needs both permission and ownership adjustments.
5. Why do I get the "You need more permissions to create a backup" error?
The web server user lacks write access to backup directories like var/backups. Ensure write permissions to var/, pub/media/, and app/etc/ directories. Run find var generated vendor pub/static pub/media app/etc -type d -exec chmod g+ws {} +. This is to grant group write permissions.
Summary
Set Magento file permissions to ensure authorized personnel have access to sensitive information. In this article, we explained how to set permissions and their benefits. Here is a recap:
-
Magento requires specific permissions for security and functionality.
-
Directories need 770/775 permissions, files need 660/644 permissions.
-
UMASK and CHMOD commands control file permission settings.
-
Proper permissions prevent security breaches and data compromises.
-
Shared hosting uses different settings than private hosting.
Choose managed Magento hosting to set the right file permissions for enhanced security and performance.
[Updated on July 9, 2025]
