Posted in Laravel

Securely setting file permissions for Laravel Framework

After developing the application locally, when the application is moved to production, people find that web page fails to display the content. This may be due to proper file permissions. Some simply gives complete read, write and execute permission for files and directories like this:

sudo chmod -R 777 path/to/root

which is a serious security concern. Follow these steps to securely grant permissions to your files:

Assumptions:
– Web server: www-data
– User: ubuntu

Step 1: chown the root directory:

sudo chown -R www-data:www-data /path/to/root

Step 2: Grant FTP for uploading and working with files (for using any FTP client):

sudo usermod -a -G www-data ubuntu

Step 3: Set file permission to 644:

sudo find /path/to/root -type f -exec chmod 644 {} \;

Step 4: Set directory permission to 755:

sudo find /path/to/root -type d -exec chmod 755 {} \;

Step 5: Give rights for web server to read and write storage and cache

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

In this way your website is up and secure.

Advertisements

One thought on “Securely setting file permissions for Laravel Framework

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s