Laravel – Deploy on shared hosting

For each method below, we assume that:

Note also that the simplest and safest way to deploy Laravel on Apache web server would be to set the website document root to the Laravel’s [app]/public directory. But usually this is not allowed on shared hostings.

Method 1: set the right document root folder

If you are deploying your application on a subdomain, let’s say a subdomain named [app] (i.e. http://[app], most hosting services let’s you to specify the root folder for your subdomain.

So you can simply set the root folder for the subdomain to:


and put the Laravel application inside the folder named [app] on your hosting.

When your website is accessed at http://[app] will be served your Laravel application from [app]/public.

Pros: this is the easiest and safest method.
Cons: the hosting service should allow you to choose the document root folder and it’s hard they give you this option for the main domain.

Method 2: create a symbolic link*** (recommended)

Most shared hosting services doesn’t allow you to set the document root folder, but if you have an SSH access you should be able to replace the document root with a symbolic link.

Let be public_html the website document root.

Via SSH, create the ~/[app] folder in your home:

$ cd ~
$ mkdir [app]

Then you can deploy the Laravel application inside the [app] folder.

Create the symbolic link to [app]/public (be sure that public_html is empty):

$ rm -r public_html
$ ln -s [app]/public public_html

Now it’s like the document root folder is [app]/public.

Pros: safe and quite easy.
Cons: the hosting service should allow you to create symbolic links, this usually means you need an SSH access.

Method 3: add an .htaccess in the application root (unsafe)

You can add an .htaccess file in the root of your Laravel application, with this content:

  # Turn Off mod_dir Redirect For Existing Directories
  DirectorySlash Off
  # Rewrite For Public Folder
  RewriteEngine on
  RewriteRule ^(.*)$ public/$1 [L]

In your hosting service just put the Laravel application, with the above .htaccess, inside the website document root folder (e.g. the public_html folder). All incoming requests will be rewritten to point inside the public folder.

This is an unsafe method since the Laravel application root folder become the website document root. This could publicly expose some private data (e.g. the .env file) if something go wrong, for example if you accidentally remove the .htaccess file from the application’s root.

Also this method breaks the url /public (e.g. that will show the content of the public directory instead of be available inside the Laravel application.

Pros: easy.
Cons: unsafe and breaks the url /public.

Method 4: move the public folder

You can find around the web some nice tutorial that will show you how to move the Laravel’s public folder under the website document root, leaving outside the rest of the application (in a private and safe place). You will need to change some paths inside the index.php file in order to get it working.

A really good tutorial is this one:

Personally, I would prefer to add the .htaccess file (method 3) over this method, since it is less invasive, it preserves the default Laravel application structure, and both the development and the deployment process will be easier.

But, if you need the most safe method for your application then you should take in account this last method.

Pros: safe and applicable on most hosting services.
Cons: a bit complex to implement; needs some tricks to properly works and to manage the deployment process.


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s