This article provides a fix for when custom server-side scripts are not executed if placed in the ./pub/media/ directory of your Magento Commerce Cloud application. This is an expected security limitation, since the ./pub/media/ directory is writable. To make scripts executable, place them in non-writable directories of your Magento Cloud app, such as ./app/code/ or ./pub/.
Affected versions
- Magento Commerce Cloud: 2.1.X and later, Starter and Pro plans, Wings and Legacy architectures
Issue: scripts not executed
Custom server-side scripts cannot be executed when initiated.
For example, when the end user (Magento shopper) clicks the link that leads to the *.php file with the script (like domain.com/media/directory/script.php), the script is being downloaded instead of executing.
Cause: incorrect location of script file
The issue occurs when the script files are located in the ./pub/media/ directory of a Magento Commerce Cloud application. This is an expected behavior: due to security limitations, files from the writable directories (./pub/media/) are never executed.
Solution: place scripts in non-writable directories
Store the server-side scripts in non-writable directories, such as ./app/code/ or ./pub/