Skip to content

Instantly share code, notes, and snippets.

@tr4nk

tr4nk/Set-dir-permission-for-web.md

Last active March 29, 2024 12:04
Show Gist options
  • Save tr4nk/7a039750af70a3612c6a50058817db7f to your computer and use it in GitHub Desktop.
Save tr4nk/7a039750af70a3612c6a50058817db7f to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Set-dir-permission-for-web.md

Set folder permissions for website

Prerequisites

  • Dir: /var/www/my-website.com/
  • User: john
  • Web server group: www-data

TL;DR

Set folder permissions for laravel project:

sudo usermod -aG www-data john

cd /var/www/my-website.com/
sudo chown -R john:www-data .
sudo find . -type d -exec chmod 755 {} \;
sudo find . -type f -exec chmod 644 {} \;
sudo chmod g+w -R storage bootstrap/cache
sudo chmod g+s -R .

If using Apache, make sure all directories have execute permission (/var, /var/www, /var/www/my-website.com/, ...)

Steps

Firstly:

cd /var/www/my-website.com/

Add user to web server group

sudo usermod -a -G www-data john

It may be necessary to reload the terminal for the change to be applied if the current user is john.

Set folder permissions

  1. Set your user as the owner
sudo chown -R john .
  1. Set the web server as the group owner
sudo chgrp -R www-data .
  1. Set file/folder permission 750 permissions for everything
sudo find . -type d -exec chmod 750 {} \;
sudo find . -type f -exec chmod 640 {} \;

Use 755 and 644 if the web server is apache.

Set permissions for writable folders

sudo chmod g+w -R <folder>
  1. New files and folders inherit group ownership from the parent folder
sudo chmod g+s -R .

Issues

New file created in writable folders doesn't have write permission

Use one or more of the solutions below:

Set umask 0002 for apache user

On CentOS, create file /etc/systemd/system/httpd.service.d/umask.conf:

[Service]
UMask=0002

Then reload:

systemctl daemon-reload
sudo apachectl restart

Reference:

Set umask 002 for supervisord.conf

sudo vi /etc/supervisord.conf
[supervisord]
umask=002

Then reload config

sudo supervisorctl reread
sudo supervisorctl update

Set file permission in framework config

Config laravel config/cache.php config

return [
    'stores' => [
        'file' => [
            'driver' => 'file',
            'path' => storage_path('framework/cache/data'),
            'permission' => 0777,
        ],
    ],
];

Apache return 403 page even if the vhost is correct

Make sure all directories have execute permission (/var, /var/www, /var/www/my-website.com/, ...)

References

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment