Install the Magento software

Totally lost? Need a helping hand? Try our installation quick reference (tutorial) or installation roadmap (reference).

Before you start your installation

Before you begin, make sure that:

Your system meets the requirements discussed in Magento system requirements.
You completed all prerequisite tasks discussed in Prerequisites.
You took your first installation steps as discussed in Your install or upgrade path.
After you log in to the Magento server, switch to the Magento file system owner.
Review the information discussed in Get started with the command-line installation.

You must install Magento from its bin subdirectory.

The installer is designed to be run multiple times if necessary so you can:

Provide different values

For example, after you configure your web server for Secure Sockets Layer (SSL), you can run the installer to set SSL options.
Correct mistakes in previous installations
Install Magento in a different database instance

By default, the installer doesn’t overwrite the Magento database if you install the Magento software in the same database instance. You can use the optional cleanup-database parameter to change this behavior.

Completely secure installation

To use Secure Sockets Layer (SSL), also referred to as HTTPS, for both the Magento Admin and the storefront, you must set all of the following parameters:

--use-secure: Set to 1
--base-url-secure: Set to a secure URL (that is, starting with https://)
--use-secure-admin Set to 1

More details about these parameters can be found later in this topic.

Installer help commands

You can run the following commands to find values for some required arguments:

Installer argument	Command
Language	magento info:language:list
Currency	magento info:currency:list
Time zone	php magento info:timezone:list

If an error displays when you run these commands, make sure you updated installation dependencies as discussed in Update installation dependencies.

Install the Magento software from the command line

The format of the install command follows:

magento setup:install --<option>=<value> ... --<option>=<value>

The following table discusses the meanings of installation option names and values. Examples are provided in Sample localhost installations.

Any options that contain spaces or special characters must be enclosed in either single or double quotes.

Name	Value	Required?
`--admin-firstname`	Magento administrator user’s first name.	Yes
`--admin-lastname`	Magento administrator user’s last name.	Yes
`--admin-email`	Magento administrator user’s e-mail address.	Yes
`--admin-user`	Magento administrator username.	Yes
`--admin-password`	Magento administrator user password. The password must be at least 7 characters in length and must include at least one alphabetic and at least one numeric character. We recommend a longer, more complex password. Enclose the entire password string in single quotes. For example, `--admin-password='A0b9%t3\'`	Yes
`--base-url`	Base URL to use to access your Magento Admin and storefront in any of the following formats: - `http[s]://<host or ip>/<your Magento install dir>/`. Note: The scheme (http:// or https://) and a trailing slash are both required. `<your Magento install dir>` is the docroot-relative path in which to install the Magento software. Depending on how you set up your web server and virtual hosts, the path might be magento2 or it might be blank. To access Magento on localhost, you can use either `http://127.0.0.1/<your Magento install dir>/` or `http://127.0.0.1/<your Magento install dir>/`. - `` which represents a base URL defined by a virtual host setting or by a virtualization environment like Docker. For example, if you set up a virtual host for Magento with the hostname magento.example.com, you can install the Magento software with `--base-url=` and access the Magento Admin with a URL like http://magento.example.com/admin.	No
`--backend-frontname`	Uniform Resource Identifier (URI) to access the Magento Admin. You can omit this parameter to let Magento generate a random URI for you with the following pattern `admin_jkhgdfq`. We recommend a random URI for security purposes. A random URI is harder for hackers or malicious software to exploit. The URI displays at the end of the installation. You can display it later at any time using the magento info:adminuri command. If you choose to enter a value, we recommend you not use a common word like admin, backend, and so on. The Admin URI can contain alphanumeric values and the underscore character (`_`) only.	No
`--db-host`	Use any of the following: - The database server’s fully qualified hostname or IP address. - `localhost` (default) or `127.0.0.1` if your database server is on the same host as your web server. `localhost` means the MySQL client library uses UNIX sockets to connect to the database. `127.0.0.1` causes the client library to use the TCP protocol. For more information about sockets, see the PHP PDO_MYSQL documentation. Note: You can optionally specify the database server port in its hostname like www.example.com:9000	No
`--db-name`	Name of the Magento database instance in which you want to install the Magento database tables. Default is `magento2`.	No
`--db-user`	Username of the Magento database instance owner. Default is `root`.	No
`--db-password`	Magento database instance owner’s password.	No
`--db-prefix`	Use only if you’re installing the Magento database tables in a database instance that has Magento tables in it already. In that case, use a prefix to identify the Magento tables for this installation. Some customers have more than one Magento instance running on a server with all tables in the same database. The prefix can be a maximum of five characters in length. It must begin with a letter and can include only letters, numbers, and underscore characters. This option enables those customers to share the database server with more than one Magento installation.	No
`--language`	Language code to use in the Admin and storefront. (If you have not done so already, you can view the list of language codes by entering `magento info:language:list` from the bin directory.)	No
`--currency`	Default currency to use in the storefront. (If you have not done so already, you can view the list of currencies by entering `magento info:currency:list` from the bin directory.)	No
`--timezone`	Default time zone to use in the Admin and storefront. (If you have not done so already, you can view the list of time zones by entering `magento info:timezone:list` from the bin directory.)	No
`--use-rewrites`	1 means you use web server rewrites for generated links in the storefront and Admin. `0` disables the use of web server rewrites. This is the default.	No
`--use-secure`	`1` enables the use of Secure Sockets Layer (SSL) in storefront URLs. Make sure your web server supports SSL before you select this option. `0` disables the use of SSL with Magento. In this case, all other secure URL options are assumed to also be `0`. This is the default.	No
`--base-url-secure`	Secure base URL to use to access your Magento Admin and storefront in the following format: `http[s]://<host or ip>/<your Magento install dir>/`	No
`--use-secure-admin`	1 means you use SSL to access the Magento Admin. Make sure your web server supports SSL before you select this option. `0` means you do not use SSL with the Admin. This is the default.	No
`--admin-use-security-key`	`1` causes the Magento software to use a randomly generated key value to access pages in the Magento Admin and in forms. These key values help prevent cross-site script forgery attacks. This is the default. `0` disables the use of the key.	No
`--session-save`	Use any of the following: - `db` to store session data in the database. Choose database storage if you have a clustered database; otherwise, there might not be much benefit over file-based storage. - `files` to store session data in the file system. File-based session storage is appropriate unless the Magento file system access is slow or you have a clustered database.	No
`--key`	If you have one, specify a key to encrypt sensitive data in the Magento database. If you don’t have one, Magento generates one for you.	No
`--cleanup-database`	To drop database tables before installing the Magento software, specify this parameter without a value. Otherwise, the Magento database is left intact.	No
`--db-init-statements`	Advanced MySQL configuration parameter. Uses database initialization statements to run when connecting to the MySQL database. Consult a reference similar to this one before you set any values. Default is `SET NAMES utf8;`.	No
`--sales-order-increment-prefix`	Specify a string value to use as a prefix for sales orders. Typically, this is used to guarantee unique order numbers for payment processors.	No
`--amqp-host`	Magento Commerce only. Do not use the `--amqp` options unless you have already set up an installation of RabbitMQ. See RabbitMQ installation for more information about installing and configuring RabbitMQ. The hostname where RabbitMQ is installed.	No
`--amqp-port`	Magento Commerce only. The port to use to connect to RabbitMQ. The default is `5672`.	No
`--amqp-user`	Magento Commerce only. The username for connecting to RabbitMQ. Do not use the default user `guest`.	No
`--amqp-password`	Magento Commerce only. The password for connecting to RabbitMQ. Do not use the default password `guest`.	No

To enable or disable modules after installing Magento, see Enable and disable modules.

What is sensitive data?

Magento uses your encryption key to encrypt the following:

Credit card information
Usernames and passwords specified in the Magento Admin configuration (for example, logins to payment gateways)
CAPTCHA values sent over the network

Magento does not encrypt:

Administrative and customer usernames and passwords (these passwords are hashed)
Address
Phone number
Other types of personally identifiable information except for credit card numbers

Sample localhost installations

Example 1

The following example installs Magento with the following options:

The Magento software is installed in the magento2 directory relative to the web server docroot on localhost and the path to the Magento Admin is admin; therefore:

Your storefront URL is http://127.0.0.1
The database server is on the same host as the web server.

The database name is magento, and the username and password are both magento
Uses server rewrites
The Magento administrator has the following properties:
- First and last name are Magento User
- Username is admin and the password is admin123
- E-mail address is user@example.com
Default language is en_US (U.S. English)
Default currency is U.S. dollars

Default time zone is U.S. Central (America/Chicago)

magento setup:install --base-url=http://127.0.0.1/magento2/ \
--db-host=localhost --db-name=magento --db-user=magento --db-password=magento \
--admin-firstname=Magento --admin-lastname=User --admin-email=user@example.com \
--admin-user=admin --admin-password=admin123 --language=en_US \
--currency=USD --timezone=America/Chicago --use-rewrites=1

Messages similar to the following display to indicate a successful installation:

Post installation file permissions check...
For security, remove write permissions from these directories: '/var/www/html/magento2/app/etc'
[Progress: 274 / 274]
[SUCCESS]: Magento installation complete.
[SUCCESS]: Admin Panel URI: /admin_puu71q

Example 2 (with additional options)

The following example installs Magento with the following options:

The Magento software is installed in the magento2 directory relative to the web server docroot on localhost and the path to the Magento Admin is admin; therefore:

Your storefront URL is http://127.0.0.1
The database server is on the same host as the web server.

The database name is magento, and the username and password are both magento
The Magento administrator has the following properties:
- First and last name are is Magento User
- Username is admin and the password is admin123
- E-mail address is user@example.com
Default language is en_US (U.S. English)
Default currency is U.S. dollars
Default time zone is U.S. Central (America/Chicago)
The installer first cleans up the database before installing the tables and schema
You use a sales order increment prefix ORD$ and because it contains a special character ($), the value must be enclosed in double quotes
Session data is saved in the database

Uses server rewrites

magento setup:install --base-url=http://127.0.0.1/magento2/ \
--db-host=localhost --db-name=magento \
--db-user=magento --db-password=magento \
--admin-firstname=Magento --admin-lastname=User --admin-email=user@example.com \
--admin-user=admin --admin-password=admin123 --language=en_US \
--currency=USD --timezone=America/Chicago --cleanup-database \
--sales-order-increment-prefix="ORD$" --session-save=db --use-rewrites=1

Messages similar to the following display to indicate a successful installation:

Post installation file permissions check...
For security, remove write permissions from these directories: '/var/www/html/magento2/app/etc'
[Progress: 274 / 274]
[SUCCESS]: Magento installation complete.
[SUCCESS]: Admin Panel URI: /admin_puu71q

The command must be entered either on a single line or, as in the preceding example, with a \ character at the end of each line.

Next step

If you have one user account to access the Magento server, see Optionally set a umask.

This type of setup is typical for shared hosting.
Verify the installation.

May 31st, 2019