Magento application configuration (app/etc/config.php), and environment config (app/etc/env.php)
Magento is a powerful open-source e-commerce platform that provides a highly flexible configuration system. Two core configuration files play a critical role in controlling how a Magento application behaves: app/etc/config.php and app/etc/env.php.
These files manage everything from enabled modules and store scopes to database credentials and environment-specific overrides. Understanding the responsibility of each file is essential for maintaining a stable and secure Magento setup.
Overview: config.php vs env.php
Although both files are generated during installation, they serve very different purposes:
- config.php – Application-level configuration, module states, scopes, and static settings.
- env.php – Environment-specific and sensitive data, including credentials, encryption keys, and runtime overrides.
Magento Application Configuration (app/etc/config.php)
The config.php file stores essential configuration required for
Magento to bootstrap the application. This file is automatically generated
and managed by Magento.
Important: This file should not be edited manually.
Magento CLI commands such as setup:upgrade or
module:enable update this file safely.
Key Sections in config.php
- i18n – Inline translation data (read-only).
- modules – List of enabled and disabled modules.
- scopes – Websites, stores, and store views configuration.
- system – Static system configuration.
- themes – Installed theme definitions.
modules
This section defines the enable/disable status of Magento modules.
A value of 1 means enabled, 0 means disabled.
'modules' => [
'Magento_Store' => 1,
'Magento_Theme' => 0,
'Magento_Backend' => 1,
'Magento_Eav' => 1
]
scopes
Contains configuration for websites, store groups, and store views.
'scopes' => [
'websites' => [
'admin' => [
'website_id' => '0',
'code' => 'admin',
'name' => 'Admin'
]
],
'groups' => [
0 => [
'group_id' => '0',
'code' => 'default',
'name' => 'Default'
]
],
'stores' => [
'admin' => [
'store_id' => '0',
'code' => 'admin',
'is_active' => '1'
]
]
]
system
Holds system configurations required at runtime, especially during static content deployment.
'system' => [
'default' => [
'checkout' => [
'cart' => [
'delete_quote_after' => 31
]
]
]
]
themes
Tracks installed and configured Magento themes.
'themes' => [
'frontend/Magento/luma' => [
'parent_id' => 'Magento/blank',
'theme_title' => 'Magento Luma',
'area' => 'frontend'
]
]
Magento Environment Configuration (app/etc/env.php)
The env.php file contains environment-specific values and
sensitive configuration data. These settings override database-stored
configuration values and are critical for security and performance.
This file should only be modified through Magento CLI or controlled deployment processes.
Major Sections in env.php
- backend – Admin URL configuration
- cache_types – Cache enable/disable flags
- cron – Cron job control
- crypt – Encryption key
- db – Database configuration
- MAGE_MODE – Magento deploy mode
- queue – Message queue settings
- session – Session storage
- x-frame-options – Clickjacking protection
- system – Locked configuration values
backend
'backend' => [
'frontName' => 'admin'
]
cache_types
'cache_types' => [
'config' => 1,
'layout' => 1,
'block_html' => 1,
'full_page' => 1
]
cron
'cron' => [
'enabled' => 0
]
crypt
'crypt' => [
'key' => '63d409380ccb1182bfb27c231b732f05'
]
db
'db' => [
'connection' => [
'default' => [
'host' => 'localhost',
'dbname' => 'magento_db',
'username' => 'root',
'password' => '******'
]
]
]
MAGE_MODE
'MAGE_MODE' => 'developer'
session
'session' => [
'save' => 'files'
]
x-frame-options
'x-frame-options' => 'SAMEORIGIN'
Final Thoughts
Both config.php and env.php are fundamental to
Magento’s architecture. The former defines application structure,
while the latter secures and customizes the runtime environment.
Proper handling of these files ensures performance, security, and scalability. Always follow Magento best practices and use CLI tools or deployment scripts to manage changes safely.