Configure the application
Now that you’ve finished installing the Magento application, you need to configure it. This topic provides some recommended configuration settings for Magento; the list is not complete so watch this space.
Set up cron
cron—the UNIX task scheduler—is critical to Magento’s day-to-day operations. It schedules things like reindexing, newsletters, e-mails, sitemaps, and so on. A crontab is a cron configuration. You must install Magento services in the crontab, or some core functionality (as well as some third-party extensions) will not function properly.
Create the Magento crontab
Starting with version 2.2, Magento creates a crontab for you. We add the Magento crontab to any configured crontab for the file system owner. In other words, if you already set up crontabs for other extensions or applications, we add the Magento crontab to it.
The Magento crontab is inside #~ MAGENTO START
and #~ MAGENTO END
comments in your crontab.
To create the Magento crontab:
- Log in as, or switch to, the file system owner.
- Change to your Magento installation directory.
-
Enter the following command:
1
bin/magento cron:install [--force]
Use --force
to rewrite an existing Magento crontab.
magento cron:install
does not rewrite an existing crontab inside#~ MAGENTO START
and#~ MAGENTO END
comments in your crontab.magento cron:install --force
has no effect on any cron jobs outside the Magento comments.
To view the crontab, enter the following command as the file system owner:
1
crontab -l
A sample follows:
1
2
3
4
5
#~ MAGENTO START c5f9e5ed71cceaabc4d4fd9b3e827a2b
* * * * * /usr/bin/php /var/www/html/magento2/bin/magento cron:run 2>&1 | grep -v "Ran jobs by schedule" >> /var/www/html/magento2/var/log/magento.cron.log
* * * * * /usr/bin/php /var/www/html/magento2/update/cron.php >> /var/www/html/magento2/var/log/update.cron.log
* * * * * /usr/bin/php /var/www/html/magento2/bin/magento setup:cron:run >> /var/www/html/magento2/var/log/setup.cron.log
#~ MAGENTO END c5f9e5ed71cceaabc4d4fd9b3e827a2b
The update/cron.php
file exists in Composer- and archive-based installations. It does not exist in git-based installations.
In Composer-based installations, running the composer create-project
command creates an update/
directory. Running the composer install
command does not create the update/
directory (if it did not exist before).
Starting in Magento version 2.3.4, cron tasks are categorized into two groups:
- The
all
group includes thecron:run
,update/cron.php
, andsetup:cron:run
tasks. - The
non-optional
group includes only thecron:run
task.
Use --non-optional
(or -d
) to install a non-optional CRON job:
1
bin/magento cron:install --non-optional
1
2
3
#~ MAGENTO START
* * * * * /usr/bin/php /var/www/html/magento2/bin/magento cron:run | grep -v Ran jobs by schedule >> /var/www/html/magento2/var/log/magento.cron.log
#~ MAGENTO END
For more information about cron, including how to remove a crontab and run cron from the command line, see Configure and run cron.
Security settings and recommendations
After installation, we recommend the following:
- Make sure your file ownership and permissions are set properly
- We strongly recommend changing the default Admin URL from
admin
to something else - Make sure the
X-Frame-Option
HTTP header is set properly. - Take precautions against cross-site scripting (XSS) by securing your templates
If you installed by cloning the Magento repository, make sure that when you deploy Magento, you only include files and folders that are required for the production environment. Files and folders that are not required can potentially expose security risks.
Enable Apache server rewrites
If you use the Apache web server, you must enable server rewrites for pages to display properly. Otherwise, you’ll see pages without styles and other issues.
Section on Apache server rewrites
Caching in a multi-webnode environment
If you have multiple webnodes, you cannot use Magento’s default file caching because there is no synchronization between webnodes. In other words, activity on one webnode is written to that webnode’s file system only. Subsequent activity, if performed on another webnode, can result in unnecessary files being written or can result in errors.
Instead, use Redis for both the default cache and the page cache.
Server settings
This section briefly discusses settings we recommend you consider for the server on which Magento runs. Some of these settings are not directly related to Magento; these are provided as suggestions only.
Log rotation
The UNIX logrotate
utility enables you to administer systems that generate large numbers of log files. It allows automatic rotation, compression, removal, and mailing of log files. Each log file can be handled daily, weekly, monthly, or when the log file exceeds a specified size.
For more information, see one of the following:
Set up iptables rules to enable various Magento services to communicate.
Whether you have one server or many, you must open ports in the firewall to enable Magento services to communicate. For example, if you use the Solr search engine with Adobe Commerce, you must enable it to communicate with the web server. If you have multiple web nodes, you must enable them to communicate with each other.
More information:
- Ubuntu: Ubuntu documentation page.
- CentOS: CentOS how-to.
Security Enhanced Linux (SELinux) rules
We don’t recommend whether or not you use SELinux at all; however, if you use it, you must configure Magento services to communicate with each other similar to configuring iptables.
More information:
- Ubuntu: Debian handbook
- CentOS: CentOS wiki
Set up an e-mail server
Magento requires an e-mail server. We don’t recommend a particular server but you can try any of the following:
- Postfix for CentOS (digitalocean tutorial, CentOS documentation)
- Postfix for Ubuntu (digitalocean tutorial, Ubuntu documentation)
Set up an Elasticsearch as search engine for enhanced performance:
Elasticsearch available in Adobe Commerce since 2.1.0 and in Magento Open Source since 2.3.0:
Set up an message queue
Since 2.3.0 Magento Open Source includes message queue functionality. In earlier versions it is available only for Adobe Commerce.
Settings for Adobe Commerce only
You can configure the following only if you use Adobe Commerce: