File and Directory permission setup for Laravel

F

Never set 777 permission on web server

If you give any of your folders 777 permissions, you are allowing ANYONE to read, write and execute any file in that directory!!

That means you have given ANYONE (any hacker or malicious person in the entire world) permission to upload ANY file, virus or any other file, and THEN execute that file.

Set all your directories to 755 and your files to 644..

SET File Permission

sudo find /path/to/your/laravel/root/directory -type f -exec chmod 644 {} \;

SET Directory permission

sudo find /path/to/your/laravel/root/directory -type d -exec chmod 755 {} \;

Then give the webserver the rights to read and write to storage and cache

You need to give read and write permissions to the webserver for storage, cache and any other directories the webserver needs to upload or write too (depending on your situation)

That’s why run :

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

NOW ITS SECURE 😀

About the author

Imran Pollob

Learn => Practice => Implement => Repeat

Add comment

Categories

Imran Pollob

Learn => Practice => Implement => Repeat

Get in touch