In this tutorial, we will discuss how to set up file and folder permissions correctly for Laravel on Production Server
Laravel is a powerful PHP framework that can help you build web applications quickly and efficiently. However, one aspect of securing your Laravel application is setting up proper file and folder permissions.
If you are a Laravel developer, you must be familiar with the importance of setting up file and folder permissions correctly. File and folder permissions are essential to ensure the security and integrity of your Laravel application.
Understanding File and Folder Permissions
Before we dive into the process of setting up file and folder permissions for Laravel, let's first understand what file and folder permissions are. In Linux, file and folder permissions are represented by a set of three numbers or characters that define who can read, write, and execute a file or folder. These permissions are assigned to the owner, group, and others.
Why Are File and Folder Permissions Important?
File and folder permissions control who can access files and directories on your server. Properly setting up permissions can prevent unauthorized access to sensitive data, and ensure that only authorized users can modify files.
Setting Up File and Folder Permissions for Laravel
To set up proper file and folder permissions for Laravel, follow these steps:
1. Identify Your Web Server User
The first step is to identify the user that your web server runs under. On Ubuntu and Debian based linux distributions, for example, the default web server user is www-data. You can check which user your web server runs as by looking at the configuration files for your web server.
However if you are still unsure about the user you can run below command to get the user:
ps aux | egrep '(apache|apache2|httpd)'Or you can get the name of the web server user directly by running below terminal command:
ps -ef | egrep '(apache|apache2|httpd)' | grep -v `whoami` | grep -v root | head -n1 | awk '{print $1}'It should return www-data on Ubuntu or apache on CentOS as Your Web Server User.
2. Give Ownership to the Web Server User
Go to your laravel root directory, here assuming the directory rexposed is your application root directory:
cd /var/www/html/rexposedThere are basically two ways to setup your ownership and permissions. Either you give yourself ownership or you make the webserver the owner of all files.
Option 1: Webserver as owner
If you want Webserver as owner which is the way most people do it, and the Laravel documentation prefers it, run below command (assuming your web server user is www-data).
sudo chown -R www-data:www-data .Note if you do that, the webserver owns all the files, and is also the group, and you will have some problems uploading files or working with files via FTP, because your FTP client will be logged in as you, not your webserver, so add your user to the webserver user group:
sudo usermod -a -G www-data ubuntuOption 2: Your user as owner
Run below command to give ownership to your user and www-data to current directory.
sudo chown -R $USER:www-data .3. Set Permissions for Files and Directories
To set permissions for files, run the following command from your Laravel project directory:
sudo find . -type f -exec chmod 664 {} \;To set permissions for folders and directories, run the following command:
sudo find . -type d -exec chmod 775 {} \;4. Set up permissions for storage and cache directories
Next, we need to give the webserver the rights to read and write to certain directories such as the storage and bootstrap/cache directories. To do this, run the following command from your Laravel project directory:
sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cacheNote: replace www-data with your web server user if necessary.
5. Set Permissions for Uploads Directory (Optional)
If your Laravel application allows users to upload files, you may also need to set appropriate permissions for the directory where uploaded files are stored. This directory is usually named public/uploads, but may be different depending on your application. You can set the permissions using the following command:
sudo chmod -R 755 public/uploadsWhy Not to Use chmod 777
Give 777 chmod permissions to folders/files with caution, because granting 777 permissions to any of your folders (full write, read, execute) allows any user to read, write, and execute any file in that directory.
That is, you must be aware that if you grant anyone (hackers, malicious people) permission to upload any file, virus, or other file, and then execute that file.
Conclusion
In conclusion, setting up file and folder permissions correctly is essential for the security and integrity of your Laravel application. By following the steps outlined in this article, you can ensure that your Laravel application has the appropriate permissions set up. For more information on Laravel development and best practices, check out our website and other related articles like Getting Started with Laravel: A Beginner's Guide and Laravel vs Other PHP Frameworks: A Comparative Analysis.
