Level 20
You can find great articles about the theme in https://serversforhackers.com/, he is going to release a great book also!.
Sep 24, 2014
2
Level 11
Simple question about secure web server environment setup
I just deployed a digital ocean server and for now I've just chown'd everything in my laravel site's directory as www-data:www-data and it has whatever the default permissions were when I cloned from github.
I've never really set up a public web server environment before and was wondering if anyone knew what is the best practice for securing your web files on a LEMP stack. What permissions should various Laravel folders be? Who should be the owner etc?
Level 65
Depends on your situation and how much security you'll need it in terms of other people accessing it and other applications running on that machine.
I create a user to manage websites, then I do one of the following
In simple terms for a single server install of Laravel, you can either
chmod -R 777 app/storage
Or
chmod -R 775 app/storage; chgrp -R <webuser> app/storage
Please or to participate in this conversation.