php - File permissions for Laravel 5 (and others) -


i'm using apache web server has owner set _www:_www. never know best practice file permissions, example when create new laravel 5 project.

laravel 5 requires /storage folder writable. found plenty of different approaches make work , end making 777 chmod recursively. know it's not best idea though.

the official doc says:

laravel may require permissions configured: folders within storage , vendor require write access web server.

does mean web server needs access storage , vendor folders or current contents?

i assume better, changing owner instead of permissions. changed laravel's files permissions recursively _www:_www , made site work correctly, if changed chmod 777. problem text editor asks me password each time want save file , same happens if try change in finder, example copy file.

what popular approach solve problems?

  1. change chmod
  2. change owner of files match of web server , perhaps set text editor (and finder?) skip asking password, or make them use sudo
  3. change owner of web server match os user (i don't know consequences)
  4. something else

just state obvious viewing discussion.... if give of folders 777 permissions, allowing read, write , execute file in directory.... means have given (any hacker or malicious person in entire world) permission upload file, virus or other file, , execute file...

if setting folder permissions 777 have opened server can find directory. clear enough??? :)

there 2 ways setup ownership , permissions. either give ownership or make webserver owner of files.

webserver owner (the way people it):

assuming www-data webserver user.

   sudo chown -r www-data:www-data /path/to/your/laravel/root/directory

if that, webserver owns files, , group, , have problems uploading files or working files via ftp, because ftp client logged in you, not webserver, add user webserver user group:

  sudo usermod -a -g www-data ubuntu

of course, assumes webserver running www-data (the homestead default), , user ubuntu (it's vagrant if using homestead).

then set directories 755 , files 644... set file permissions

sudo find /path/to/your/laravel/root/directory -type f -exec chmod 644 {} \;

set directory permissions

sudo find /path/to/your/laravel/root/directory -type d -exec chmod 755 {} \;

your user owner

i prefer own directories , files (it makes working easier), do: 

sudo chown -r my-user:www-data /path/to/your/laravel/root/directory

then give both myself , webserver permissions: 

sudo find /path/to/your/laravel/root/directory -type f -exec chmod 664 {} \;     sudo find /path/to/your/root/directory -type d -exec chmod 775 {} \;

then give webserver rights read , write storage , cache

whichever way set up, need give read , write permissions webserver storage, cache , other directories webserver needs upload or write (depending on situation), run commands bashy above :

sudo chgrp -r www-data storage bootstrap/cache sudo chmod -r ug+rwx storage bootstrap/cache

now, you're secure , website works, , can work files easily


Comments

Post a Comment

Popular posts from this blog

Magento/PHP - Get phones on all members in a customer group -

i working on custom magento extension. working around adminhtml part , i've created custom form there. here form code: <?php class vivasindustries_smsnotification_block_adminhtml_sms_sendmass_edit_form extends mage_adminhtml_block_widget_form { public function _preparelayout() { $extensionpath = mage::getmoduledir('js', 'vivasindustries_smsnotification'); $head = $this->getlayout()->getblock('head'); $head->addjs('jquery.js'); $head->addjs('vivas.js'); return parent::_preparelayout(); } protected function _prepareform() { $form = new varien_data_form(array( 'id' => 'edit_form', 'action' => $this->geturl('*/*/save', array('id' => $this->getrequest()->get
Read more

php - .htaccess mod_rewrite for dynamic url which has domain names -

i want convert url ex:( example.com/link.php?url=facebook.com ) ( example.com/facebook.com.php ) how can using .htaccess. or there other process make job easier ? i tried adding script .htaccess file options +followsymlinks rewriteengine on rewriterule url-(.*)\.htm$ link.php?url=$1 but converting url adding "url-" ( example.com/url-facebook.com.php ) i want remove "url-" , want make ( example.com/facebook.com.php ) rewriteengine on rewritecond %{the_request} ^get.*link\.php\?url\= [nc] rewritecond %{request_uri} !/system/.* [nc] rewriterule (.*?)link\.php\?url\=/*(.*) /$1$2 [r=301,ne,l] not sure how above work edit of used use remove index.php url
Read more

Website Login Issue developed in magento -

i have website developed using magento . able login. right now, login failed. infact operations interacts user table failing. need know issue. how figure out? first clear try clear log file second make sure have not upgraded magento and 3rd make sure db accessible in magento -harry p
Read more