0

I've been looking for a solution to my problem for several days now. Unfortunately I could not find a solution yet.

We work here in our company with Laravel (php) and Windows servers 2016. I have a Laravel web application that runs on an IIS 10 with Windows authentication. For security reasons we have decided to activate fastcgi.impersonate. Since we switched on impersonate in php.ini, there is a permission error on files in the Laravel application (e.g.** laravel.log**). Since then, files are no longer accessed with the IUSR, but with the user account that logs onto the web application (e.g. domain\sabine.sample). However, these users should not have direct access to the file system.

Does anyone know a solution that not the logged-in Windows account accesses the files, but again the IUSR or Apppool user?

My setup:

  • Windows Server 2016
  • IIS 10
  • PHP 7.2.21
  • Laravel 5.8.36

Edit:

These are the errors the browser shows.

First Second

Rene
  • 1
  • 3

1 Answers1

0

It's a common issue when your storage folder doesn't have the right permission. Set the storage permission to 770 example chmod -R 770 /var/www/html/mysite.com/storage

Arif Pavel
  • 93
  • 7
  • In this case, I could give all domain users access to the folder. But won't that cause problems because everyone in the domain has access to all files? The folder may contain sensitive data, which not everyone should have access to. – Rene May 11 '20 at 14:27
  • actually the storage folder meant to be public. think that all public images, files & other assets so it has to be publicly accessible. And 770 is kind of standard for storage folder. – Arif Pavel May 11 '20 at 14:30
  • Agree with Arif. The folder permission causes the problem – Ali Lashini May 11 '20 at 18:43
  • And it's a public folder as Arif said – Ali Lashini May 11 '20 at 18:44
  • Thanks alot! I agree with you that permissions are the way to go here. But now we want the IIS AppPool user to write to the storage folder and not the domain user. Is there a possibility? – Rene May 13 '20 at 06:54
  • You can protect certain file(s), folder(s) using route or configuring filesystem settings. for more see [here](https://stackoverflow.com/questions/30682421/how-to-protect-image-from-public-view-in-laravel-5/56925367#56925367) – Arif Pavel May 13 '20 at 10:08