fix: RateLimit graceful degradation on permission denied

Silence mkdir() with @ operator; guard file_put_contents with
is_writable() check. When storage/cache/rate_limit is not writable
by php-fpm, requests are allowed through instead of throwing
warnings that flood the nginx error log.

scripts/setup-server.sh

@@ -82,6 +82,12 @@ if [ -d "$APP_DIR/storage" ]; then
     ok "Storage: 2775, databases: 660"
 fi
 
+# Ensure writable cache subdirectories exist for php-fpm (www-data)
+mkdir -p "$APP_DIR/storage/cache/rate_limit"
+chown -R "$WEB_USER:$APP_GROUP" "$APP_DIR/storage/cache"
+chmod -R 2775 "$APP_DIR/storage/cache"
+ok "Cache dirs: created and owned by $WEB_USER:$APP_GROUP"
+
 printf "\n"
 ok "Setup complete."
 printf "\nNext steps:\n"