A lot of programmers when are using linux as server for Laravel or any other PHP framework, use 777 permission to all file/folders of the project, it is easy, fast ans works, but has a security failure.

If a user upload a malicious file on server, he has the permission to execute this file and create a big problem. If you use Laravel, a good practice to help to fix this is set file permission as 644 and directory permission as 755, you can do this with this code:

sudo find {laravel-folder}/ -type f -exec chmod 644 {} \; 
sudo find {laravel-folder}/ -type d -exec chmod 755 {} \;

In Laravel you need to set storage and cache directory with 777 permission:

sudo chmod -R 777 {laravel-folder}/storage
sudo chmod -R 777 {laravel-folder}/bootstrap/cache/

You are never 100% safe of hackers, but now you have a better protection.