Setting Secure Working Permissions for Magento (Chown/Chmod) SSH
There is a lot of content on the web about setting the correct (secure) permissions for Magento, much of which, differs somewhat.
We’ve detailed below, what we feel are decent permissions which leave your Magento store secure and protected whilst giving the necessary access across the site in order for Magento to continue functioning as expected/intended.
If running as server user.
chown -R apache:apache *
find . -type f \-exec chmod 644 {} \;
find . -type d \-exec chmod 711 {} \;
find ./media -type d \-exec chmod 775 {} \;
find ./var -type d \-exec chmod 775 {} \;
find ./media -type f \-exec chmod 664 {} \;
find ./var -type f \-exec chmod 664 {} \;
chmod 640 ./app/etc/*.xml
chmod 550 mage
If not running as server user (apache), the above permissions will cause 500 internal server error.
You can learn more on secure permissions for Magento at this in-depth explanation of the above at Nexcess or from the official Magento documentation.
Thansk a lot GEOFF JACKSON .. this post help me lot during magento multi shop setup
Best Regards
Glad you found this useful Ikram!