Codeigniter – The upload destination folder does not appear to be writable

Question

I'm using CodeIgniter's upload helper and received the above error when trying to upload an image. The permissions for the folder I'm trying to upload to are 755. When I changed it to 777, the error went away, but isn't 777 kind of a security risk?

I'm running on Apache. Is there a better way to allow users to upload files without setting the folder permissions to 777? How can I get 755 to work?

Thanks for the help!

Answer 1

change file permissions to 777 is what worked for me. I am on mac, control^ + click on file and click "getinfo" and scroll to bottom and change all permissions to read and write. 777 = read & write for all users.

php codeigniter 3

Answer 2

I don't think so giving any folder on server 777 permission is good. Instead giving 777 permission i suggest make www-data user as owner of desired folder and give 755 permission like below

chown -R www-data:www-data /var/www/html/uploads/

For 755 permission

chmod 755 -R /var/www/html/uploads/

Answer 3

If the folder is for loading files by users than permisision 777 is required.

It's up to you to validate what files are loaded through upload script. Also you can use .htaccess to alow or not alow certain files to be executed from that directory.

The documentation for upload in codeigniter it's pretty simple and intuitive. Also here you can look at some ways to validate the type of files that are uploaded https://codeigniter.com/userguide3/libraries/file_uploading.html

Answer 4

I know this is not an active question and may not be an issue for most but because I came across this I wanted to clarify for anyone else that may see this.

You DO NOT need 777 permission on your upload directory. This is actually not a good idea. The last 7 means it is public writable which does not need to be in most cases. Typically 755 should be good enough

More than likely the issue is that the directory is not owned but the user running Apache which is typically www-data

Step by step:

Check owner of dir (i.e.)

ls -l /path/to/upload/

Output should show similar

drwxr-xr-x  4 www-data www-data     4096 Oct 26 20:41 uploads

If not then you should change to www-data if that is the user Apache is running under. To check what user apache is running under :

 ps aux | egrep '(apache|httpd)'

This should list something similar:

 www-data   419  0.0  0.9 556292 156656 ?       S    18:46   0:00 /usr/sbin/apache2 -k start

Hope This Helps!

Answer 5

In my NGINX + PHP-FPM installation the issue was solved changing the SElinux parameters from enforcing to permissive:

edit and change options with vi /etc/selinux/config apply options without restart with sudo setenforce 0 check the status with sestatus.

Answer 6

try this:

sudo chmod 777 -R /path/to/write/folder