Install the Magento software

Totally lost? Need a helping hand? Try our installation quick reference (tutorial) or installation roadmap (reference).

Before you start your installation

Before you begin, make sure that:

  1. Your system meets the requirements discussed in Magento system requirements.
  2. You completed all prerequisite tasks discussed in Prerequisites.
  3. You took your first installation steps as discussed in Your install or upgrade path.
  4. After you log in to the Magento server, switch to the Magento file system owner.
  5. Review the information discussed in Get started with the command-line installation.

You must install Magento from its bin subdirectory.

The installer is designed to be run multiple times if necessary so you can:

  • Provide different values

    For example, after you configure your web server for Secure Sockets Layer (SSL), you can run the installer to set SSL options.

  • Correct mistakes in previous installations
  • Install Magento in a different database instance

By default, the installer doesn't overwrite the Magento database if you install the Magento software in the same database instance. You can use the optional cleanup-database parameter to change this behavior.

See also Update, reinstall, uninstall.

Completely secure installation

To use Secure Sockets Layer (SSL), also referred to as HTTPS, for both the Magento Admin and the storefront, you must set all of the following parameters:

  • --use-secure: Set to 1
  • --base-url-secure: Set to a secure URL (that is, starting with https://)
  • --use-secure-admin Set to 1

More details about these parameters can be found later in this topic.

Installer help commands

You can run the following commands to find values for some required arguments:

Installer argument Command
Language magento info:language:list
Currency magento info:currency:list
Time zone php magento info:timezone:list

If an error displays when you run these commands, make sure you updated installation dependencies as discussed in Update installation dependencies.

Install the Magento software from the command line

The format of the install command follows:

magento setup:install --<option>=<value> ... --<option>=<value>

The following table discusses the meanings of installation option names and values. Examples are provided in Sample localhost installations.

Any options that contain spaces or special characters must be enclosed in either single or double quotes.

Name Value Required?

--admin-firstname

Magento administrator user's first name.

Yes

--admin-lastname

Magento administrator user's last name.

Yes

--admin-email

Magento administrator user's e-mail address.

Yes

--admin-user

Magento administrator user name.

Yes

--admin-password

Magento administrator user password.

The password must be at least 7 characters in length and must include at least one alphabetic and at least one numeric character.

We recommend a longer, more complex password. Enclose the entire password string in single quotes. For example, --admin-password='A0b9%t_3`g'

Yes

--base-url

Base URL to use to access your Magento Admin and storefront in any of the following formats:

  • http[s]://<host or ip>/<your Magento install dir>/.</p>

    Note: The scheme (http:// or https://) and a trailing slash are both required.

    <your Magento install dir> is the docroot-relative path in which to install the Magento software. Depending on how you set up your web server and virtual hosts, the path might be magento2 or it might be blank.

    To access Magento on localhost, you can use either http://127.0.0.1/<your Magento install dir>/ or http://127.0.0.1/<your Magento install dir>/.

  • {{base_url}} which represents a base URL defined by a virtual host setting or by a virtualization environment like Docker. For example, if you set up a virtual host for Magento with the host name magento.example.com, you can install the Magento software with --base-url={{base_url}} and access the Magento Admin with a URL like http://magento.example.com/admin.

No

--backend-frontname

Uniform Resource Identifier (URI) to access the Magento Admin or omit this parameter to let Magento generate a random URI for you.

We recommend a random URI for security purposes. A random URI is harder for hackers or malicious software to exploit.

The URI displays at the end of the installation. You can display it later at any time using the magento info:adminuri command.

If you choose to enter a value, we recommend you not use a common word like admin, backend, and so on. The Admin URI can contain alphanumeric values and the underscore character (_) only.

No

--db-host

Use any of the following:

  • The database server's fully qualified host name or IP address.
  • localhost (default) or 127.0.0.1 if your database server is on the same host as your web server.
    localhost means the MySQL client library uses UNIX sockets to connect to the database. 127.0.0.1 causes the client library to use the TCP protocol. For more information about sockets, see the PHP PDO_MYSQL documentation.

Note: You can optionally specify the database server port in its host name like www.example.com:9000

No

--db-name

Name of the Magento database instance in which you want to install the Magento database tables.

Default is magento2.

No

--db-user

User name of the Magento database instance owner.

Default is root.

No

--db-password

Magento database instance owner's password.

No

--db-prefix

Use only if you're installing the Magento database tables in a database instance that has Magento tables in it already.

In that case, use a prefix to identify the Magento tables for this installation. Some customers have more than one Magento instance running on a server with all tables in the same database.

The prefix can be a maximum of five characters in length. It must begin with a letter and can include only letters, numbers, and underscore characters.

This option enables those customers to share the database server with more than one Magento installation.

No

--language

Language code to use in the Admin and storefront. (If you have not done so already, you can view the list of language codes by entering magento info:language:list from the bin directory.)

No

--currency

Default currency to use in the storefront. (If you have not done so already, you can view the list of currencies by entering magento info:currency:list from the bin directory.)

No

--timezone

Default time zone to use in the Admin and storefront. (If you have not done so already, you can view the list of time zones by entering magento info:timezone:list from the bin directory.)

No

--use-rewrites

1 means you use web server rewrites for generated links in the storefront and Admin.

0 disables the use of web server rewrites. This is the default.

No

--use-secure

1 enables the use of Secure Sockets Layer (SSL) in storefront URLs. Make sure your web server supports SSL before you select this option.

0 disables the use of SSL with Magento. In this case, all other secure URL options are assumed to also be 0. This is the default.

No

--base-url-secure

Secure base URL to use to access your Magento Admin and storefront in the following format: http[s]://<host or ip>/<your Magento install dir>/

No

--use-secure-admin

1 means you use SSL to access the Magento Admin. Make sure your web server supports SSL before you select this option.

0 means you do not use SSL with the Admin. This is the default.

No

--admin-use-security-key

1 causes the Magento software to use a randomly generated key value to access pages in the Magento Admin and in forms. These key values help prevent cross-site script forgery attacks. This is the default.

0 disables the use of the key.

No

--session-save

Use any of the following:

  • db to store session data in the database. Choose database storage if you have a clustered database; otherwise, there might not be much benefit over file-based storage.
  • files to store session data in the file system. File-based session storage is appropriate unless the Magento file system access is slow, you have a clustered database, or you want to store session data in Redis.
  • redis to store session data in Redis. If you will be using Redis for default or page caching, Redis must be already installed. See Use Redis for session storage for additional information about configuring support for Redis.

No

--key

If you have one, specify a key to encrypt sensitive data in the Magento database. If you don't have one, Magento generates one for you.

No

--cleanup-database

To drop database tables before installing the Magento software, specify this parameter without a value. Otherwise, the Magento database is left intact.

No

--db-init-statements

Advanced MySQL configuration parameter. Uses database initialization statements to run when connecting to the MySQL database. Consult a reference similar to this one before you set any values.

Default is SET NAMES utf8;.

No

--sales-order-increment-prefix

Specify a string value to use as a prefix for sales orders. Typically, this is used to guarantee unique order numbers for payment processors.

No

--amqp-host

Magento Commerce only. Do not use the` --amqp` options unless you have already set up an installation of RabbitMQ. See RabbitMQ installation for more information about installing and configuring RabbitMQ..

The host name where RabbitMQ is installed.

No

--amqp-port

Magento Commerce only. The port to use to connect to RabbitMQ. The default is 5672.

No

--amqp-user

Magento Commerce only. The user name for connecting to RabbitMQ. Do not use the default user guest.

No

--amqp-password

Magento Commerce only. The password for connecting to RabbitMQ. Do not use the default password guest.

No

--amqp-virtualhost

Magento Commerce only. The virtual host for connecting to RabbitMQ. The default is /.

No

--amqp-ssl

Magento Commerce only. Indicates whether to connect to RabbitMQ. The default is false. See RabbitMQ for information about setting up SSL for RabbitMQ.

No

To enable or disable modules after installing Magento, see Enable and disable modules.

What is sensitive data?

Magento uses your encryption key to encrypt the following:

  • Credit card information
  • User names and passwords specified in the Magento Admin configuration (for example, logins to payment gateways)
  • CAPTCHA values sent over the network

Magento does not encrypt:

  • Administrative and customer user names and passwords (these passwords are hashed)
  • Address
  • Phone number
  • Other types of personally identifiable information except for credit card numbers

Sample localhost installations

Example 1

The following example installs Magento with the following options:

  • The Magento software is installed in the magento2 directory relative to the web server docroot on localhost and the path to the Magento Admin is admin; therefore:

    Your storefront URL is http://127.0.0.1

  • The database server is on the same host as the web server.

    The database name is magento, and the user name and password are both magento

  • Uses server rewrites

  • The Magento administrator has the following properties:

    • First and last name are Magento User
    • User name is admin and the password is admin123
    • E-mail address is user@example.com
  • Default language is en_US (U.S. English)
  • Default currency is U.S. dollars
  • Default time zone is U.S. Central (America/Chicago)

    magento setup:install --base-url=http://127.0.0.1/magento2/ \
    --db-host=localhost --db-name=magento --db-user=magento --db-password=magento \
    --admin-firstname=Magento --admin-lastname=User --admin-email=user@example.com \
    --admin-user=admin --admin-password=admin123 --language=en_US \
    --currency=USD --timezone=America/Chicago --use-rewrites=1
    

Messages similar to the following display to indicate a successful installation:

Post installation file permissions check...
For security, remove write permissions from these directories: '/var/www/html/magento2/app/etc'
[Progress: 274 / 274]
[SUCCESS]: Magento installation complete.
[SUCCESS]: Admin Panel URI: /admin_puu71q

Example 2 (with additional options)

The following example installs Magento with the following options:

  • The Magento software is installed in the magento2 directory relative to the web server docroot on localhost and the path to the Magento Admin is admin; therefore:

    Your storefront URL is http://127.0.0.1

  • The database server is on the same host as the web server.

    The database name is magento, and the user name and password are both magento

  • The Magento administrator has the following properties:

    • First and last name are is Magento User
    • User name is admin and the password is admin123
    • E-mail address is user@example.com
  • Default language is en_US (U.S. English)
  • Default currency is U.S. dollars
  • Default time zone is U.S. Central (America/Chicago)
  • The installer first cleans up the database before installing the tables and schema
  • You use a sales order increment prefix ORD$ and because it contains a special character ($), the value must be enclosed in double quotes
  • Session data is saved in the database
  • Uses server rewrites

    magento setup:install --base-url=http://127.0.0.1/magento2/ \
    --db-host=localhost --db-name=magento \
    --db-user=magento --db-password=magento \
    --admin-firstname=Magento --admin-lastname=User --admin-email=user@example.com \
    --admin-user=admin --admin-password=admin123 --language=en_US \
    --currency=USD --timezone=America/Chicago --cleanup-database \
    --sales-order-increment-prefix="ORD$" --session-save=db --use-rewrites=1
    

Messages similar to the following display to indicate a successful installation:

Post installation file permissions check...
For security, remove write permissions from these directories: '/var/www/html/magento2/app/etc'
[Progress: 274 / 274]
[SUCCESS]: Magento installation complete.
[SUCCESS]: Admin Panel URI: /admin_puu71q

The command must be entered either on a single line or, as in the preceding example, with a \ character at the end of each line.

Next step