Drupal defines four main types of file storage for any given site: the public, the private, the temporary and the translation filesystems. When installing Drupal, the folders that map to these filesystems are created automatically. In case that fails—most likely due to permission issues—we have to create them ourselves and give them the correct permissions. Drupal takes care of the rest (for example, adds relevant .htaccess files for security reasons). Make sure you check out the documentation on Drupal.org for how to successfully install Drupal 8 if you are unsure how this works.
Public files are available to the world at large for viewing or downloading. This is where things such as image content, logos, and anything that can be downloaded are stored. Your public file directory must exist somewhere under Drupal's root, and it must be readable and writeable by whatever user your web server is running under. Public files have no access restrictions. Anyone, at any time, can navigate directly to a public file and view or download it. This also means that accessing these files does not require Drupal to bootstrap.
We can configure the path to the public filesystem in our settings.php file:
$settings['file_public_path'] = 'sites/default/files';
Private files, on the other hand, are not available to the world for general download. Therefore, the private files' directory must not be accessible via the web. However, it still has to be writeable by the web server user. Isolating private files this way allows developers to control who can and can't access them. For instance, we could write a module that only allows users who have a specific role to access PDFs in the private filesystem.
We can configure the path to the private filesystem in our settings.php file:
$settings['file_private_path'] = 'sites/default/private';
Temporary file storage is typically only used by Drupal for internal operations. When files are first saved by Drupal, they are initially written into the temporary filesystem so they can be checked for security issues. After they have been deemed safe, they are written to their final location.
We can configure the path to the temporary filesystem through the UI:
On the same configuration screen, we can also specify the default file download method for the site. By default, this is set to the public filesystem.
Finally, the translation file storage is used by Drupal for storing the .po files that contain string translation values that can be imported into the system in bulk. As with the temporary file storage, we can configure the location of translation files through the UI.