The correct configuration of file and directory rights is essential to set up a secure and functioning OXID eShop. In this blog post, we will show you step by step how to set the required permissions for different directories and files of your OXID eShop.
HTTP server write access
First of all, the HTTP server needs write access to some directories and their subdirectories during runtime. These are the directories the server must have access to:
- /source/export
- /source/log/
- /source/out/pictures/
- /source/out/media/
- /source/tmp/
To grant this write access, use the following commands:
chmod -R 775 /source/export chmod -R 775 /source/log chmod -R 775 /source/out/pictures chmod -R 775 /source/out/media chmod -R 775 /source/tmp
Web-based setup
During web-based setup, the HTTP server needs write access to a special directory and some files:
- /source/Setup
- /source/config.inc.php
- /source/.htaccess
To enable write access for the setup, execute the following commands:
chmod 777 /source/Setup chmod 777 /source/config.inc.php chmod 777 /source/.htaccess
File permissions after the setup
After the setup is complete, you should change the file permissions for certain files to ensure the security of your OXID eShop. Make sure to grant read-only access to the following files:
- /source/config.inc.php
- /source/.htaccess
To change permissions, run the following commands:
chmod 444 /source/config.inc.php chmod 444 /source/.htaccess
Setting file and directory permissions correctly is crucial to keeping your OXID eShop running safely and stably. Follow the steps outlined in this blog post to ensure your eShop runs smoothly and securely. After the setup, make sure to adjust the permissions for the critical files accordingly to ensure the security of your system.