Hello Everyone,
I’m currently following Craig’s tutorial to set up Magento with a two-user configuration. I have configured the folder and file permissions as follows but have some questions regarding best practices and production readiness.
Current Configuration:
- Default folders are set to 755 permissions.
- Default files are set to 644 permissions.
- Exceptions made for certain folders with 775 permissions and files with 664 permissions:
- /generated
- /pub/media
- /pub/static
- /var
Questions:
- For best practices and security, which folders should retain 755 permissions and which should be adjusted to 775?
- Similarly, which files should be kept at 644 permissions, and which require 664 permissions?
- Are there any adjustments needed when moving to a production environment regarding these permissions?
Additionally, I’ve noticed a specific behavior related to the /pub/media
folder. Whenever I upload a product image, the owner automatically changes to www-data:www-data
from what I initially set as magento:www-data
.
Further Questions:
- Is the automatic change to
www-data:www-data
correct for Magento’s operation?
Thank you in advance for your help!
Best,
Piet