Laravel folder permission

  • Laravel
Laravel Folder Permission

If we give any of our folders 777 permissions, we are allowing ANYONE to read, write and execute any file in that directory…. what this means is we have given ANYONE (any hacker or malicious person in the entire world) permission to upload ANY file, virus or any other file, and THEN execute that file.

There are basically two ways to set up our ownership and permissions. Either we give server user ownership or we make the web server the owner of all files.

Webserver as the owner (the way most people do it, and the Laravel doc’s way):

Assuming www-data (it could be something else) is your webserver user.

				
					sudo chown -R www-data:www-data /path/to/your/laravel/root/directory
				
			

If we do that, the webserver owns all the files and is also the group, and we will have some problems uploading files or working with files via FTP, because our FTP client will be logged in as a different user, not our webserver, so add our user to the webserver user group:

				
					sudo usermod -a -G www-data ubuntu
				
			

Of course, this assumes our webserver is running as www-data (the Homestead default), and our user is ubuntu (it’s vagrant if we are using Homestead).

Then we set all our directories to 755 and our files to 644.

SET file permissions.

				
					sudo find /path/to/your/laravel/root/directory -type f -exec chmod 644 {} \; 
				
			

SET directory permissions

				
					sudo find /path/to/your/laravel/root/directory -type d -exec chmod 755 {} \;
				
			

Our user as owner

I prefer to own all the directories and files (it makes working with everything much easier), So, go to our laravel root directory:

				
					cd /var/www/html/laravel >> assuming this is our current root directory
				
			
				
					sudo chown -R $USER:www-data .
				
			

Then we will give both myself and the webserver permissions:

				
					sudo find . -type f -exec chmod 664 {} \;   
sudo find . -type d -exec chmod 775 {} \;
				
			

Then give the webserver the rights to read and write to storage and cache

Whichever way we set it up, then we need to give read and write permissions to the webserver for storage, cache and any other directories the webserver needs to upload or write too (depending on our situation), so run the commands:

				
					sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache
				
			

Now, we are secured and our website works, and we can work with the files fairly easily.

 

For more details and discussion thread, visit this link

Leave a Reply

Your email address will not be published. Required fields are marked *