Skip to content

DEV Community

Basim Ghouri

Posted on May 28, 2022

Security in Laravel: How to Protect Your App Part 4

#laravel #security #exposefile

Exposed Files

By default, Laravel only exposes the public directory. This is intended to avoid security breaches. Considering that any file that will be exposed can be accessed by anyone, you should avoid adding their sensitive data.

If you want to expose files to download, the best way to do this is by keeping the files on the storage directory and just adding a symbolic link on a public directory. Laravel provides a command to make it easier:

php artisan storage:link

Now, any file that your app stores in the storage directory will be available. Avoid adding manual permissions to any other directory as this could lead to a potential breach.

Top comments (1)

Subscribe

Basim Ghouri • May 30 '22

Follow And like for more laravel security parts

Read next

The good, the bad and the ugly of the XZ vulnerability (CVE 2024-3094)

Craig McLuckie - Apr 2

Deploying a Laravel site on Shared Hosting Subdomain

Sospeter Mongare - Apr 1

Protect API Gateway with Amazon Verified Permissions

Jimmy Dahlqvist - Apr 12

Blade Template Engine in Laravel 11

Hòa Nguyễn Coder - Apr 12

Hey! I'm Basim Ghouri 👋 Creative web developer with a demonstrated history of working in the information technology and services industry.

Location

Karachi, Pakistan
Education

Mehran University of Engineering and Technology
Work

Software Developer - GeeksRoot
Joined

May 25, 2022

Command Injection Affecting Apache Directory

#security #hacking #apache #owasp

Security in Laravel: How to Protect Your App Part 3

#laravel #security #requestorgin

Security in Laravel: How to Protect Your App Part 2

#laravel #security #xss