Laravel 5.8 Files Folders Permissions and Ownership Setup
Introduction: laravel storage permissions
Hello, In this post I will teach you how you can deal with files and folder permissions and ownership when you are working in laravel project.
In the modern growing development environment, security is the most important factor for any application especially when you are deploying your project on the production server. Files and folders permissions are the main things for concerned. If you are not assigning proper files and folders permission then it's mean you are giving an invitation to attackers. In other words, your system is open for public and attackers without giving proper permissions.
If you are in beginner and any phase of laravel and not familiar with laravel storage permission then this post gonna help you that how you can easily laravel storage permissions.
Laravel Security Issues:
I have seen several time people when deploying laravel project, the first error they get is laravel storage permissions and to solve it quick they set files and folders permissions to 777 and project started working.
However, it is really a bad practice to set permission to 777, its simply mean your server is open for the public.
Now come to the point, how one wrong step can impact the security of your application?
Note: Always, avoid 777 permissions to your files and folders of your project.
Let's fix the issue and set up proper permission for your laravel project.
First of all you need to find the apache server user, that is very simple by following command. For this you need to ssh of your server and run the command below.
Command: ps aux | egrep '(apache|httpd)'
You will get the list of user and apache is running by user www-data.
Now change your project directory owner to www-data by the following the command.
Command: sudo chown -R www-data:www-data /var/www/path/your/project/
Replace /var/www/path/your/project/ with your project.
Folder/Directory Permissions:
Command: sudo find /var/www/example-project-name/ -type d -exec chmod 755 {} \;Files Permissions:
Command: sudo find /var/www/example-project-name/ -type f -exec chmod 644 {} \;By setting up these permissions you are saying that only web server owns the files and folders and the end user only has the read-only permission, it's mean end user only can read the files. The end user is not able to run or execute any file on the server.
Now we have successfully set permissions to our project, but your laravel project is still facing the laravel storage permissions issue then your laravel project need to read and write access to the storage and bootstrap/cache folder.
Let's fix this issue.
Fix this issue by giving read and write access to the web server.
Command: sudo chgrp -R www-data /var/www/example-project-name/storage /var/www/example-project-name/bootstrap/cache
Command: sudo chmod -R ug+rwx /var/www/example-project-name/storage /var/www/example-project-name/bootstrap/cache
Comments
Post a Comment