For each method below, we assume that:
Note also that the simplest and safest way to deploy Laravel on Apache web server would be to set the website document root to the Laravel’s
[app]/public directory. But usually this is not allowed on shared hostings.
Method 1: set the right document root folder
If you are deploying your application on a subdomain, let’s say a subdomain named
http://[app].example.com), most hosting services let’s you to specify the root folder for your subdomain.
So you can simply set the root folder for the subdomain to:
and put the Laravel application inside the folder named
[app] on your hosting.
When your website is accessed at
http://[app].example.com will be served your Laravel application from
Pros: this is the easiest and safest method.
Cons: the hosting service should allow you to choose the document root folder and it’s hard they give you this option for the main domain.
Method 2: create a symbolic link*** (recommended)
Most shared hosting services doesn’t allow you to set the document root folder, but if you have an SSH access you should be able to replace the document root with a symbolic link.
public_html the website document root.
Via SSH, create the
~/[app] folder in your home:
$ cd ~
$ mkdir [app]
Then you can deploy the Laravel application inside the
Create the symbolic link to
[app]/public (be sure that
public_html is empty):
$ rm -r public_html
$ ln -s [app]/public public_html
Now it’s like the document root folder is
Pros: safe and quite easy.
Cons: the hosting service should allow you to create symbolic links, this usually means you need an SSH access.
Method 3: add an .htaccess in the application root (unsafe)
You can add an
.htaccess file in the root of your Laravel application, with this content:
# Turn Off mod_dir Redirect For Existing Directories
# Rewrite For Public Folder
RewriteRule ^(.*)$ public/$1 [L]
In your hosting service just put the Laravel application, with the above
.htaccess, inside the website document root folder (e.g. the
public_html folder). All incoming requests will be rewritten to point inside the public folder.
This is an unsafe method since the Laravel application root folder become the website document root. This could publicly expose some private data (e.g. the
.env file) if something go wrong, for example if you accidentally remove the
.htaccess file from the application’s root.
Also this method breaks the url
http://example.com/public) that will show the content of the public directory instead of be available inside the Laravel application.
Cons: unsafe and breaks the url
Method 4: move the public folder
You can find around the web some nice tutorial that will show you how to move the Laravel’s public folder under the website document root, leaving outside the rest of the application (in a private and safe place). You will need to change some paths inside the
index.php file in order to get it working.
A really good tutorial is this one:
Personally, I would prefer to add the
.htaccess file (method 3) over this method, since it is less invasive, it preserves the default Laravel application structure, and both the development and the deployment process will be easier.
But, if you need the most safe method for your application then you should take in account this last method.
Pros: safe and applicable on most hosting services.
Cons: a bit complex to implement; needs some tricks to properly works and to manage the deployment process.