Magento 2 folder/file permissions

You can refer http://devdocs.magento.com/

The important things:

  • The owner of the Magento file system: Must have full control (read/write/execute) of all files and directories.

  • Must not be the webserver user; it should be a different user.

  • The web server user must have write access to the following files and directories:

    • var
    • app/etc
    • pub
    • (and probably new in 2.2.1:) generated
  • In addition, the web server's group must own the Magento file system so that the Magento user (who is in the group) can share access to files with the web server user. (This includes files created by the Magento Admin or other web-based utilities.)

  • We recommend setting the permissions as follows:

    • All directories have 770 permissions.

    • 770 permissions give full control (that is, read/write/execute) to the owner and to the group and no permissions to anyone else.

    • All files have 660 permissions.

    • 660 permissions mean the owner and the group can read and write but other users have no permissions.

You should set it as below:

cd <your Magento install dir> 

// 644 permission for files
find . -type f -exec chmod 644 {} \; 
                   
// 755 permission for directory
find . -type d -exec chmod 755 {} \;    

chmod 644 ./app/etc/*.xml

chown -R :<web server group> .

chmod u+x bin/magento

I hope this will help you.


In some rare cases, you can't use 770 and 660, like @MagenX says, 755 and 644 could also be the permission you need. (Some Fast-CGI users I guess)

So in that case, you run:

find . -type d -exec chmod 755 {} \; && find . -type f -exec chmod 644 {} \; && chmod u+x bin/magento

That seems to fix it, but if Magento generates new files or directories, those will have the permission 770 and 660 again. You can edit those default chmod values in the following files:

/vendor/magento/framework/Filesystem/DriverInterface.php 
(WRITEABLE_DIRECTORY_MODE and WRITEABLE_FILE_MODE)

/lib/internal/Cm/Cache/Backend/File.php 
(directory_mode and file_mode)

After these changes, run the first command again and after that, newly generated files shouldn't be an issue anymore.

Note: Editing files like this is never a good idea, but I suspect these chmod options are going to be configurable in the future, so I took the easy way.


You can use the method like the Magento documentation recommends:

find . -type f -exec chmod 664 {} \;
find . -type d -exec chmod 775 {} \;
find var pub/static pub/media app/etc -type f -exec chmod g+w {} \;
find var pub/static pub/media app/etc -type d -exec chmod g+ws {} \;
chmod u+x bin/magento