I made a website with Laravel. The hacker just changed the index.php file in the public folder, and I set the public folder permission to drwxr-xr-x www-data and index.php to -rw-r--r-- www-data. Is my permission wrong?
Heya @a9b194576b5149d9b291512c41f756,
The permissions of your file are fine, it’s standard practice for files to be 644 (-rw-r--r--) and for folders to be 755 (drwxr-xr-x).
Most likely the issue lies somewhere else rather than your permissions. Usually, these things happen because of an exploit in either the services/packages you have on your Droplet or exploits in your Applications, in this case, Laravel.
The best thing you can do is to always keep everything up to date, additionally keep strong passwords everywhere and try to limit authentication methods to not only passwords but 2FA whenever possible.
Hey there!
Sorry to hear about your website. Security issues can be quite stressful, but let’s see how we can address this and fortify your site for the future.
First off, regarding your permissions, they seem generally okay. For a Laravel application, setting your public directory to drwxr-xr-x (755) and your index.php file to -rw-r--r-- (644) under the ownership of www-data is a standard practice. This setup ensures that files and directories are readable and executable where necessary, without granting excessive permissions that could be exploited.
However, the issue at hand likely stems from a vulnerability elsewhere in your application or server rather than these specific permissions. Here are a few steps to consider:
Check for any outdated dependencies, Laravel versions, or plugins that might have known vulnerabilities. Utilize tools like Composer to update your dependencies and consider running a vulnerability scanner against your application.
Look through your web server and application logs for any unusual activity or access patterns that could indicate how the attacker gained access. This information can be crucial in preventing future attacks.
It’s possible the attacker made other changes beyond the index.php file. Consider using tools like git (if your project is under version control) to check for modifications or a tool like find to look for recently altered files.
Beyond fixing the immediate vulnerability, consider implementing additional security measures such as regularly scanning your application for vulnerabilities, and ensuring all third-party packages are up to date.
I could suggest using the Laravel Enlightn package. It is an artisan command-line tool that checks your code and provides you with actionable recommendations on improving your application’s performance, security & more.
It’s also a good practice to have a recovery plan in place, including regular backups of your application and database. This way, in the event of a compromise, you can restore your site more quickly and with less loss of data.
Hope this helps, and wishing you luck in securing your site!
Best,
Bobby
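The find and git checks suggested in the answer above, written out as an added example (not part of either answer): it lists files changed in the last N days, PHP files that a given account can overwrite, and differences from the last commit. The function names and the application path argument are assumptions; www-data is the account named in the question.

```shell
#!/bin/sh
# Added example: triage of a Laravel tree after index.php was modified.
# Usage (path is a placeholder): sh triage.sh /path/to/app www-data 7

# Files modified within the last N days. storage/ and bootstrap/cache/ are
# skipped because Laravel writes there at runtime; vendor/ is deliberately
# NOT skipped, since a dropped file could hide there.
recent_changes() {
    rc_root=$1
    rc_days=${2:-7}
    find "$rc_root" \
        \( -path "$rc_root/storage" -o -path "$rc_root/bootstrap/cache" \
           -o -path "$rc_root/.git" \) -prune \
        -o -type f -mtime "-$rc_days" -print | sort
}

# PHP files the given account can overwrite: owned by it with the owner
# write bit set (as with 644 owned by www-data), or world-writable.
writable_by() {
    wb_root=$1
    wb_user=$2
    find "$wb_root" -type f -name '*.php' \
        \( \( -user "$wb_user" -perm -200 \) -o -perm -002 \) -print | sort
}

# If the project is under git, show modified and untracked files.
tracked_changes() {
    [ -d "$1/.git" ] || { echo "not a git checkout: $1" >&2; return 0; }
    git -C "$1" status --porcelain --untracked-files=all
}

# Run only when an application path is passed on the command line.
if [ $# -ge 1 ]; then
    echo "== changed in the last ${3:-7} days =="
    recent_changes "$1" "${3:-7}"
    echo "== PHP files writable by ${2:-www-data} =="
    writable_by "$1" "${2:-www-data}"
    echo "== differences from last commit =="
    tracked_changes "$1"
fi
```

Compare the first list against your deploy times: anything changed outside a deploy, especially under public/ or vendor/, is worth diffing against a clean copy or backup.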