Archenzo's avatar

Laravel 10 Deployment - public folder

I deployed laravel 10 on a digital ocean droplet, was working ok. then i tried to move the public folder to outside the project folder as a way to further secure my application, my project is located in /var/www/html/project , my public folder is located in /var/www/public (not sure if that's the best location for the public folder), i did edit the project .conf with the new public folder path and added " $app->usePublicPath(base_path('public')); " to the /bootstrap/app.php and it doesn't seem to work.

my questions: is it the best practice to move the public folder in laravel 10? if yes, does that mean i should delete public folder inside project folder and move it else where? TIA

0 likes
4 replies
LaryAI's avatar
LaryAI
AI
2 years ago
Level 58

Moving the public directory outside of the main Laravel project directory is not a common practice and is not necessary for security if you configure your web server correctly. Laravel is designed to protect your application code by serving requests through the public directory, which acts as the document root. All other directories are not directly accessible via the web server.

However, if you have a specific reason to move the public directory, you can do so by updating your server configuration and Laravel's paths. Here's how you can achieve that:

  1. Update your web server configuration to point to the new public directory. For example, if you're using Nginx, you would update the root directive in your site's configuration file:
server {
    listen 80;
    server_name example.com;
    root /var/www/public;

    index index.php index.html index.htm;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    # ... other configurations for PHP, etc.
}
  1. In your Laravel application, you need to update the bootstrap/app.php file to set the public path. You've already added the line, but make sure it's correct:
$app->usePublicPath(base_path('../public'));

Make sure the path you provide to base_path() is the correct relative path from your bootstrap directory to the new public directory.

  1. After moving the public directory, you should also update the public_path() helper function. You can do this by adding a new method in the AppServiceProvider:
// In app/Providers/AppServiceProvider.php

public function register()
{
    $this->app->bind('path.public', function() {
        return base_path('../public');
    });
}

  1. If you have assets that use the asset() helper, they should continue to work as long as the public_path() function returns the correct path.

  2. You do not need to delete the original public folder inside your project folder, but you should ensure that it is not accessible via the web server. You can rename it or remove it if you're sure that all assets and references have been updated accordingly.

Remember to clear the config cache after making these changes:

php artisan config:clear

And finally, always test your changes in a development or staging environment before deploying to production to ensure that everything works as expected.

1 like
Crowleks's avatar

In my opinion, no. It's not useful to work with a project when a public folder is not in the git for example. You can configure server permission as well for "project" and "public" folders. You can specify a user to isolate it from the system.

1 like
gych's avatar

You also have to change the require paths in the index.php in your public folder so it points correctly to where your laravel project folder is located.

How do you push your updates to production, via CI/CD or just manually?

1 like
martinbean's avatar

@archenzo There’s no need to move folders. And I don’t know what you mean when you say you renamed it to “public” when it already is “public” by default.

All you need to do is specify the web root as your public folder in your nginx or Apache config file.

1 like

Please or to participate in this conversation.