Correct file permissions for 2 user setup

Hello Everyone,

I’m currently following Craig’s tutorial to set up Magento with a two-user configuration. I have configured the folder and file permissions as follows but have some questions regarding best practices and production readiness.

Current Configuration:

  • Default folders are set to 755 permissions.
  • Default files are set to 644 permissions.
  • Exceptions made for certain folders with 775 permissions and files with 664 permissions:
    • /generated
    • /pub/media
    • /pub/static
    • /var


  1. For best practices and security, which folders should retain 755 permissions and which should be adjusted to 775?
  2. Similarly, which files should be kept at 644 permissions, and which require 664 permissions?
  3. Are there any adjustments needed when moving to a production environment regarding these permissions?

Additionally, I’ve noticed a specific behavior related to the /pub/media folder. Whenever I upload a product image, the owner automatically changes to www-data:www-data from what I initially set as magento:www-data .

Further Questions:

  1. Is the automatic change to www-data:www-data correct for Magento’s operation?

Thank you in advance for your help!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.