One of the most common headaches when deploying a Laravel app is getting the file and directory permissions right. You’ve probably seen errors like:
Permission denied
The stream or file could not be opened
mkdir(): Permission denied
Unable to write in the “/public/uploads” directory.
This quick guide walks you through setting correct permissions for a Laravel site deployed to Nginx on Ubuntu, using /var/www/yourwebsite.com as the example directory.
🧱 Why Permissions Matter
Laravel needs certain directories to be writable—specifically storage/ and bootstrap/cache/. Everything else should not be writable to protect your app from malicious uploads or file tampering.
If your app breaks after deployment or throws obscure errors, it’s probably a permissions problem.
🔧 Step-by-Step: Set Proper Permissions
1. Set Ownership
Make sure the web server user (typically www-data) owns the Laravel directory:
This Bash script is designed to resolve common file and directory permission issues encountered when deploying Laravel applications on Ubuntu with Nginx. It sets the correct ownership, applies appropriate permissions to the Laravel writable directories (storage, bootstrap/cache, and public/uploads), and ensures secure default permissions elsewhere in the project.
How to Use:
Update the PROJECT_ROOT variable to point to your Laravel project’s root directory.
Add any additional writable directories (such as public/uploads) to the WRITABLE_DIRS array as needed.
Save the script as fix-laravel-permissions.sh.
Make it executable: chmod +x fix-laravel-permissions.sh
Run the script as root or with sudo: sudo ./fix-laravel-permissions.sh
#!/usr/bin/env bash
# fix-laravel-permissions.sh
# Fixes Laravel file and directory permissions on Ubuntu/Nginx
# === CONFIGURATION ===
PROJECT_ROOT="/var/www/my-laravel-app"
NGINX_USER="www-data"
NGINX_GROUP="www-data"
WRITABLE_DIRS=("storage" "bootstrap/cache" "public/uploads")
# === SCRIPT START ===
set -euo pipefail
echo "Fixing permissions in $PROJECT_ROOT..."
# 1. Set ownership to web server user
chown -R "$NGINX_USER:$NGINX_GROUP" "$PROJECT_ROOT"
# 2. Ensure writable directories have proper permissions
for dir in "${WRITABLE_DIRS[@]}"; do
FULL_PATH="$PROJECT_ROOT/$dir"
if [ -d "$FULL_PATH" ]; then
chmod -R ug+rwx "$FULL_PATH"
else
echo "Warning: $FULL_PATH does not exist, skipping."
fi
done
# 3. Set safe defaults for other files and directories
find "$PROJECT_ROOT" -type d ! -path "$PROJECT_ROOT/storage/*" ! -path "$PROJECT_ROOT/bootstrap/cache/*" ! -path "$PROJECT_ROOT/public/uploads/*" -exec chmod 755 {} +
find "$PROJECT_ROOT" -type f ! -path "$PROJECT_ROOT/storage/*" ! -path "$PROJECT_ROOT/bootstrap/cache/*" ! -path "$PROJECT_ROOT/public/uploads/*" -exec chmod 644 {} +
echo "Permissions have been set successfully."
Ask ChatGPT
Pro Tip: Use umask in Dev Environments
If you edit files alongside the server, set your shell’s umask to allow group write access:
umask 002
Still Having Issues?
Make sure Nginx is configured to use www-data. Check this in /etc/nginx/nginx.conf:
user www-data;
Also confirm PHP-FPM is running as www-data by checking:
Laravel permissions can be frustrating, but once you know what’s required, it’s easy to bake into your deployment scripts. If this post helped you, share it or save it—you’ll definitely need it again.
