Permissions “public” folder Laravel

4
votes

So I have the following folder organization in my Laravel project:

  • public
    • user_images
    • group_images
    • img
    • css
    • vendor
    • etc ...

So my problem is, when a user uploads an image I move it to the folder user_image and then I use the Intervention Image to make it smaller, I use Image::make(#folder), then re size it and at last I save it. But to do that the folder user_image needs special permissions, with chmod 777 i can make it work, but I think it's a security breach if I leave the folder with 777 permissions.

Should I leave the folder with 777 permissions or shouldn't? Why?

Thanks.

2
phplaravelpermissionslaravel-5apache2

2 Answers

6
votes

I would suggest that you leave 777 chmod if it is only images but also place an empty php file called "index.php" inside that folder that will redirect all incoming connection to the root.

2
votes

web user can't do any harm with 777 access in photos folder, so leave it.