File ownership and permissions

If you experience errors like the following:

.WARNING: PHP Warning - require(/mautic/var/cache/prod/doctrine/orm/Proxies/__CG__MauticCategoryBundleEntityCategory.php): failed to open stream: No such file or directory - in file /mautic/vendor/doctrine/common/lib/Doctrine/Common/Proxy/AbstractProxyFactory.php - at line 209

there is a strong likelihood that you have problems with the permissions and/or ownership of the files and folders on your Mautic instance.

This article writes from the perspective of a Linux server using Apache, which is the most common hosting environment for Mautic. NGINX and IIS servers have different configurations, but the principles remain the same.

Why are permissions important?

File and folder permissions specify who and what can read, write, modify, and access them. Ownership determines which User “owns” the files and folders - and hence is able to carry out actions based on the permission settings.

User

A User is the owner of the file. By default, the person who created a file becomes its owner. Hence, a User is also sometimes called an owner.

Group

A Group can contain multiple Users. All Users belonging to a Group have the same access permissions to the file. Groups simplify permissions - all Users in a specific Group inherit the permissions assigned to that Group, rather than having to assign permissions to each User individually.

Other

Any other User who has access to a file comes into “Other”, meaning they have neither created the file, nor belong to a Group that owns the file. Practically, this means “the rest of the world”. Hence, this is also referred to as permissions for the world.

Linux distinguishes between these three User types to prevent Users accessing, editing, or deleting files they shouldn’t be able to change. Read more about file and folder ownership

Permissions and ownership settings are critical to ensuring the security of your server and Mautic instance, so it’s important to get them right. If your files don’t have the appropriate permissions in place, it’s easier for hackers to intrude on your files and gain access to your Mautic instance. Setting your file permissions correctly may not save you from all attacks, but it helps make your Mautic instance a bit more secure.

Why do permissions problems cause errors in Mautic?

Mautic needs access to read and write files in the Mautic directory to enable certain functions and scripts to run. If the permissions aren’t set correctly, or if the User running them doesn’t have the correct access, Mautic can’t function properly and errors occur in the app and server logs as a result.

Problems with permissions and ownership generally occur because:

  • You’ve uploaded Mautic or made changes to files and folders as a different User to the one that Mautic uses to run - for example you uploaded files using an FTP account with the username bob but your web server executes scripts as a User called www-data.

  • The User that Mautic uses to run doesn’t have the appropriate permissions on the files and folders - for example, bob isn’t able to create directories, or read files

  • You ran an update as a different User to that which Mautic uses to run - resulting in some files and folders having their ownership changed