Step 3. Web Configuration

Before you begin

Before you begin, make sure that:

  1. Your system meets the requirements discussed in Magento System Requirements.
  2. You completed all prerequisite tasks discussed in Prerequisites.
  3. You started your installation as discussed in Getting started.
  4. You completed all preceding steps in the Setup Wizard.

Step 3: Web Configuration

  1. Enter the following information:

    Item Description
    Your Store Address Enter the URL, including scheme and trailing slash, by which users access your storefront. For example, if your storefront hostname is, enter
    Magento Admin Address Enter the relative URL by which to access the Magento Admin.
  2. Optionally click Advanced Options and enter the following information:

    Item Description
    HTTPS Options Select the checkbox to enable the use of Secure Sockets Layer (SSL) in the indicated URL. Make sure your web server supports SSL before you select either checkbox.
    Apache Rewrites Select this checkbox to use Apache rewrites. We support this option only if you enabled server rewrites when you installed Apache.
    Encryption Key Magento uses an encryption key to encrypt sensitive data in the database.

    Click I want to use a Magento generated key to have Magento generate an encryption key for you.

    Click I want to use my own encryption key if you already have an encryption key.
    Session Save From the list, click the option corresponding to how to store session data.

    The default is Files, which means session data is saved in the var/session subdirectory of the Magento file system.

    You can also choose Db, which means session data is stored in the database.
  3. Click Next.

What is sensitive data?

Magento uses your encryption key to encrypt the following:

  • Credit card information
  • Usernames and passwords specified in the Magento Admin configuration (for example, logins to payment gateways)
  • CAPTCHA values sent over the network

Magento does not encrypt:

  • Administrative and customer usernames and passwords (these passwords are hashed)
  • Address
  • Phone number
  • Other types of personally identifiable information except for credit card numbers

Related topics

Step 4. Customize your store