Correct permission for Laravel folders on server

Question

I am currently about to deploy a Laravel app. One of my features is to generate a PDF and save the file in the storage folder. But the problem is, it only works when the storage folder has 777 permission. Of course that is a big security risk once it is deployed. How to I solve it? Because if I don't 777 permission, it returns a Warning: mkdir() [function.mkdir]: Permission denied in ... error.

Thank you :)

Answer 1

These permissions should be set to 770 on the storage folder.

This will allow the owner of the directory (ideally the maintenance web admin) read/write/execute. And it will allow the web group (ideally the group that the maintenance web-admin and the web server user are both in) to have read/write/execute permission. The 0 means that other users have no permissions in the directory. The directory should be owned by the maintenance web admin, with it's ownership group set to the web group.

Example

chown -R mywebadmin:www-data /var/www/html/mysite.com/
chmod -R 750 /var/www/html/mysite.com/ 
chmod -R 770 /var/www/html/mysite.com/storage

Result

• /var/www/html/mysite.com - Owned by mywebadmin, Group is www-data
  • Owner can write/read/execute
  • Group can read/execute
  • Others can do nothing
• /var/www/html/mysite.com/storage - Owned by mywebadmin, Group is www-data
  • Owner can write/read/execute
  • Group can write/read/execute
  • Others can do nothing

---

There is a useful tool for generating these permissions if you have a hard time remembering them.

Note: It is extremely dangerous to have write access for the web user in the directory. A better option would be creating a PHP script that changes it's headers for Content-Type to application/octet-stream and having the PHP script generate the file it needs interanally without writing to the file system.