
Laravel 5 Files Folders Permission and Ownership Setup

Written by Yogesh Koli

Introduction:

In this tutorial I will explain how to handle file and folder permissions and ownership when working on a Laravel 5 project.

In the current era of development, security is one of the most valuable parts of an application. As a developer, you should be very careful when uploading projects to a production server.

Folder permissions are a key point for security. If you lose this key, your application is giving an invitation to hackers. In simple words, it is open to the world: if you haven't set proper permissions for your application, a hacker can easily steal or hack your product.

Second, if you are in the beginner or intermediate phase of Laravel development, this tutorial is going to help you a lot.

We all tend to make mistakes while going through this phase, but no worries: this tutorial is going to help you stay safe.


Security Issue:

I often see people upload a Laravel project to a server, and the first error they get is caused by missing file and folder permissions. They then take quick action by setting the permissions of their project folder to 777, and the project starts running.

However, this is really bad practice: setting 777 permissions on your project directory means your server is open to the world.

Meaning anyone who can visit your application can have read, write and execute permission on your server.

In simple words, anyone can read the data from your application, write data and execute files, so hackers can easily upload a file, virus or malware and execute it to damage your project.



Wondering how one wrong step impacts the security of your application?

Always Avoid Setting 777 Permission to your Project

Let’s fix this issue in the next step:

Set Laravel 5 Files Folders Permission and Ownership:

The first step is to find the web server user, which is very simple. For Apache it is set to www-data, but do make sure by checking: SSH to your server from a terminal and run the command below:

You should get output similar to this:

This output clearly says that Apache is run by www-data, so we have our user.

Change the project directory owner to www-data using the following command:

Example (replace example-project-name with your project directory name):

Set folder permissions to 755 and the files of your project to 644:

Folder/Directory Permissions:

Files Permissions:

By setting these permissions and this ownership, we are telling the server that the web server owns these files and folders and that end-user access is limited to read only, so a user won't be able to write or execute any file on the server.

Now we are set and secure, but what about the Laravel project? If you run your project now it will still give the same issue, because Laravel still needs read and write access to the storage and bootstrap/cache folders. Let's fix this.

We can fix this by giving read and write access to the web server:

Keep in mind to assign this access to any further folders your project requires; for example, you probably have a directory where you upload images or documents.

You are now all good to run your project on the server, and if you try to run your Laravel project it should work.

Hang on, there is still one last little step to follow: you will surely need to upload files over FTP or similar, right?

Simply add your FTP user to the group:

In the above step, root can be replaced by your username on the server; it may be ubuntu if you are working on an AWS EC2 instance.
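The ownership and permission steps above, collected into one script and followed by a check for leftover world-writable entries. This is an added example, not the tutorial's own commands: the function names, the project path argument and the 775/664 modes used for storage and bootstrap/cache are assumptions, while www-data is the Apache user named above.

```shell
#!/bin/sh
# Added example, not from the original tutorial.
# Usage (assumed path): sudo sh harden.sh /var/www/html/example-project-name

# harden_laravel ROOT [WEB_USER]
harden_laravel() {
    hl_root="$1"
    hl_user="${2:-www-data}"

    # Refuse to touch anything that does not look like a Laravel project root.
    [ -d "$hl_root/storage" ] && [ -d "$hl_root/bootstrap/cache" ] || {
        echo "not a Laravel project root: $hl_root" >&2
        return 1
    }

    # Changing ownership needs root and an existing account; skip otherwise.
    if [ "$(id -u)" -eq 0 ] && id "$hl_user" >/dev/null 2>&1; then
        chown -R "$hl_user:$hl_user" "$hl_root"
    else
        echo "skipping chown (needs root and user $hl_user)" >&2
    fi

    # Directories 755 and files 644, as the tutorial prescribes.
    find "$hl_root" -type d -exec chmod 755 {} +
    find "$hl_root" -type f -exec chmod 644 {} +

    # Writable paths: owner and group may write, everyone else may not
    # (775/664 is this example's choice, so a group member can upload).
    find "$hl_root/storage" "$hl_root/bootstrap/cache" -type d -exec chmod 775 {} +
    find "$hl_root/storage" "$hl_root/bootstrap/cache" -type f -exec chmod 664 {} +
}

# Print how many files and directories under ROOT are still world-writable.
count_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 | wc -l | tr -d ' '
}

# Run only when a project path is given on the command line.
if [ "$#" -gt 0 ]; then
    harden_laravel "$@" &&
        echo "world-writable entries left: $(count_world_writable "$1")"
fi
```

A count of 0 after the run means nothing in the tree is left at 777 or any other world-writable mode.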

Do let me know if you get any issue while using this tutorial.

Happy Coding!

About the author

Yogesh Koli

Yogesh Koli is a software engineer and blogger who lives in India. He's driven by an addiction to learning and a love for adventure. He has 5+ years of experience working with front-end, back-end, web application development, and system design.