I made a website with Laravel, and a hacker just changed the index.php file in the public folder. I set the public folder permissions to drwxr-xr-x www-data and index.php to -rw-r--r-- www-data. Are my permissions wrong?
Hey there!
Sorry to hear about your website. Security issues can be quite stressful, but let’s see how we can address this and fortify your site for the future.
First off, regarding your permissions, they seem generally okay. For a Laravel application, setting your public directory to drwxr-xr-x (755) and your index.php file to -rw-r--r-- (644) under the ownership of www-data is a standard practice. This setup ensures that files and directories are readable and executable where necessary, without granting excessive permissions that could be exploited.
However, the issue at hand likely stems from a vulnerability elsewhere in your application or server rather than these specific permissions. Here are a few steps to consider:
Check for any outdated dependencies, Laravel versions, or plugins that might have known vulnerabilities. Utilize tools like Composer to update your dependencies and consider running a vulnerability scanner against your application.
Look through your web server and application logs for any unusual activity or access patterns that could indicate how the attacker gained access. This information can be crucial in preventing future attacks.
It’s possible the attacker made other changes beyond the index.php file. Consider using tools like git (if your project is under version control) to check for modifications or a tool like find to look for recently altered files.
Beyond fixing the immediate vulnerability, consider implementing additional security measures such as regularly scanning your application for vulnerabilities, and ensuring all third-party packages are up to date.
I could suggest using the Laravel Enlightn package. It is an artisan command-line tool that checks your code and provides you with actionable recommendations on improving your application’s performance, security & more.
It’s also a good practice to have a recovery plan in place, including regular backups of your application and database. This way, in the event of a compromise, you can restore your site more quickly and with less loss of data.
Hope this helps, and wishing you luck in securing your site!
Best,
Bobby
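The `find` check suggested in the answer above, as an added example that is not part of the original posts: it lists recently modified files outside the directories Laravel writes to in normal operation, and PHP files that the web user owns with the owner-write bit set. The function names, the 7-day window and the sample tree are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example, not from the original answers. The app root, day window and
# web user are assumptions; adjust them to the server being checked.

# Files modified in the last N days, skipping directories Laravel rewrites
# during normal operation (storage/, bootstrap/cache/) and .git metadata.
recent_changes() {
    local root=$1 days=$2
    find "$root" \
        \( -path "$root/storage" -o -path "$root/bootstrap/cache" \
           -o -path "$root/.git" \) -prune \
        -o -type f -mtime "-$days" -print | sort
}

# PHP files owned by USER (name or numeric uid) with the owner-write bit set.
# Code running as that user, including the PHP process, can rewrite these.
writable_by_owner() {
    local root=$1 user=$2
    find "$root" \
        \( -path "$root/storage" -o -path "$root/bootstrap/cache" \
           -o -path "$root/.git" \) -prune \
        -o -type f -name '*.php' -user "$user" -perm -200 -print | sort
}

# Constructed sample tree: one old file, one freshly edited file, one log.
make_sample_tree() {
    local root
    root=$(mktemp -d)
    mkdir -p "$root/public" "$root/app" "$root/storage/logs"
    echo '<?php // old' > "$root/app/Kernel.php"
    touch -t 202001010000 "$root/app/Kernel.php"   # last touched long ago
    echo '<?php // changed' > "$root/public/index.php"
    echo 'log line' > "$root/storage/logs/laravel.log"
    chmod 644 "$root/public/index.php"
    chmod 444 "$root/app/Kernel.php"               # read-only even for owner
    echo "$root"
}

# Usage: ./triage.sh /var/www/app 7 www-data
if [ $# -ge 1 ]; then
    recent_changes "$1" "${2:-7}"
    writable_by_owner "$1" "${3:-www-data}"
fi
```

Compare the first list against a known-good copy (a backup or the repository) before restoring anything, and keep the modified files for the log review.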
Heya @a9b194576b5149d9b291512c41f756,
The permissions of your file are fine; it’s standard practice for files to be 644 (-rw-r--r--) and for folders to be 755 (drwxr-xr-x).
Most likely the issue lies somewhere else rather than your permissions. Usually, these things happen because of an exploit in either the services/packages you have on your Droplet or exploits in your Applications, in this case, Laravel.
The best thing you can do is to always keep everything up to date, additionally keep strong passwords everywhere and try to limit authentication methods to not only passwords but 2FA whenever possible.