Magento is still one of the best eCommerce platforms available for merchants looking to optimize the eCommerce experience. Between incredible functionality and unrivaled product management, it provides the ability to create storefronts that can’t be created in other, comparable applications. Read more
Magento 2 aimed to augment the security of its predecessor. One such improvement set the default permissions on certain static files to be stricter than normal. This had the unintended side effect of preventing default versions of Magento 2 from functioning on some systems, some of which we host.
Before v. 2.0.6, Magento 2 set permissions of some files to 640 and some directories to 750. These permissions restrict read-access and write-access to the owner of those files and directories, meaning other users have no access. While this successfully tightens permissions, it is incompatible with systems that rely on a web server’s ability to read and write to these files.
For example, many Magento sites use Apache or Nginx with PHP-FPM. In this setup, PHP-FPM runs as the file-owning user, and Apache or Nginx function as separate users and therefore had no file access. This prevented these systems from functioning properly with default Magento 2 installations running versions older than 2.0.6.