5 frequently faced problems and their life saver fixs on Laravel for beginners

Murad Shukurlu
4 min readJan 27, 2019


In this blog post i am going to talk about some encountered technical problems on Laravel for beginners. You feel free yourself to give any recommendation and correction for this article.

Content :

  1. HTTP 500 ERROR
  2. RuntimeException No application encryption key has been specified.
  3. php artisan serve — No Such file or directory
  4. How to hide public folder?
  5. CSRF Protection

Before start for talking fixes . I would like to emphrize those 5 isues is not bug of Laravel . Each of them has their reason why they occur . During fixes problem i will try to talk about shortly what is the reason .

I would like to empharize every problem occured by laravel storing its logs to file under /storage/logs/laravel.log path I recommand u can look at there if you have not find any solution for your issue between our issues list .My mean anyway you may able to find any log there if you have been meet a problem morever my guide gives you a short way to find solution qucikly.


If you are facing such type error on Laravel version above 5.5 or equal . First thing is to check php version of server . If your server using PHP version under 7 probably the issue related with php version . Dont forget Laravel uses at least PHP 7, and 7.1.3 regarding to its versions 5.5 and 5.6,5.7 .

If it doesnot work yet on the right version you can check if your dependiences really installed or not?

This may be causing by uncompleted installiation .Mainly when u pull a repo by git you need to reinstall all packages via composer .

For installing packages run this command on termial:

composer install

If again you are not get success then check log file of laravel via folder


If there is no use again you must be look at your server-side logs (this is deep note that you may can see all errors instead of this 500 error page on browser while enabling error_reporting and display_error on your php.ini file but this way is not recommand in prodaction)

2. RuntimeException No application encryption key has been specified.

If you see this error while you launching your site dont worry just try to run those commands .

php artisan key:generate

php artisan config:cache

3.php artisan serve No such file or directory

One time i faced with the question from one of my virtual friend he asked me why this problem grown? while revening of his codes i found he have a big problem becuase he have been delete public folder of laravel architectura.So that when he want to start laravel local server its server could not start to work with php artisan serve command. This is really critical problem. There is a reason why public folder is exist there .Both public folder include front side of the project and it has security responsibilty .So when developer removing public folder and move the core files to one folder above . Then core files , logs , blade themplates is reachable by attackers .The getting datas may be used for hacking your site . Dont forget if you have move your index.php files form public folder may be your .env file and its critical content is available by someone just look at this address for testing http://yourdomain.com/.env .

I suggest you get your public folder back and use it as a main folder of your site . I suggest you look at this topic and my answer on stackoverflow .

4.How to hide public folder? — is a good question .

If you have already read previous centence of my post i have talked about its negative side when laravel public folder hiding by wrong ways .

I dont recommand to anyone remove public folder for using in best practise .

If you have made it on your old projects and you want to protect your system i just recommand u can protect your all critical files , folders by forbidden error by .htaccess . If you have effort you can get back your public foder firstly.

For denying any file you can use this .htaccess rule (in this example .env is denyed file name) :

<Files ".env">
Order Allow,Deny
Deny from all

In my case the correct way of hidding public folder is configure your main folder to the “public” folder via your nginx , apache configration .

I want to make a note for easy way to solv this problem .

You can create .htaccess file in your root folder and add those content there :

<IfModule mod_rewrite.c>
RewriteEngine On

RewriteRule ^(.*)$ public/$1 [L]

RewriteRule ^/public/?(.*) https://%{SERVER_NAME}/$1 [R,L]

Try again reloading your site without public folder

5.CSRF token missing (Cross Site Request Force) .

I think even beginner level developers already know when this error grown and how they can fix it (This is a great stuff require us using csrf field)

This error grown when you apply with post request to a page due to missing csrf token .

Csrf mean is CROSS SITE REQUEST FORCE this is a security vulnerability name . Attacker can be reset your user’s password , update informations even can be delete all of important datas if we dont use csrf protection . (You can look for about csrf vulnerability if you interest about it on Google)

The error says us we need to use csrf protection on our post request . This investigate our request from attackers request . While you missing csrf field gives you this error .

The solution is very simple you can add only this line between your form tag


For example :

<form action=”” method=”POST”>


<input name=”name” />

<button type=”submit”></button>


I hope this article had been usefull for you . Please make a clap and note your comments to this article for improving this article and nexts .