Currently I can call my app (PHP) with the following URL:
http://localhost/app/public/index.html
Is there some way to hide the public in the url, so I can access the app just with http://localhost/app/index.html?
With the .htaccess file it should be possible. I am using XAMPP.
Don't use mod_rewrite for this. Instead, just set your web server's configuration such that the DOCUMENT_ROOT is pointing to public and not a directory above it. This will have the desired effect as well as preventing your server from handing out things that aren't intended to be public.
Edit: Note, this requires name-based virtual hosting and will require you do effectively dedicate a domain name to your app, but that's not a big deal.
Related
Working with zf2, we have configured the project successfully in local env, we deployed the same code to server, but there..only the IndexController action is working.
like www.project.com/public/ works,
but when I access other modules like
www.project.com/public/country doesn't work.
This means the mod_rewrite rules to rewrite all requests to your index.php file are not being used. Generally this means either:
The .htaccess file was not uploaded (check the public folder on the server to see if it's there)
The .htaccess file is being ignored (check AllowOverride for the vhost on the live server)
Also, really public/ should not appear in your URLs. Unless you are using shared hosting (where this can be tricky), you want to point your vhost's document root at the public folder.
In a proper Zend setup an error should come from Zend. When you get an error like this, returned from Apache, your apache configuration is not working. Your Zend application isn't even considered, i.e. the index.php in your public folder.
It's a save guess that your [public/].htaccess isn't used. Check your apache web configuration. Most likely you're missing the AllowOverride All statement which is usually inside the <Directory> statement.
And as mentioned by Tim you really should not have public/ in your path to begin with.
I'm about to start running three different environments of our PHP application - Development, Staging and Production. Some of our customers will get access to Staging to help us test new features with real customers before it his production.
Our application is running on AWS EC2 though an elastic load balancer using HTTPS only. I need a way to allow users to go to https://mydomain.com/staging and be redirected to the staging environment (would still show https://mydomain.com/staging in the address bar, but they'd be getting content from a different set of servers). There will be some code in Staging that will ensure their account has been approved for Staging access and will allow them in or redirect them to the main application.
I can't seem to figure out how to write this in .htaccess. I've tried a number of things I've found online and haven't gotten it to work. I am beginning to think it may make more sense to have a real directory even in the production environment called 'staging' and have an index.php file inside that checks their account and redirects them based on the result.
However, I'd like to avoid having to purchase another SSL certificate for this, so instead of using a subdomain for staging, I'd like to use a virtual directory. Does that make sense?
Thanks in advance.
You need to enable the use of .htaccess in your httpd config file (you can do so by finding the line in your conf file that has AllowOverride None and change it AllowOverride All) and then place a .htaccess in a folder in your html folder called staging with the following line
Redirect /staging http://whereverYourStagingEnvoIs
I would recommend using a subdomain instead of a subdirectory, staging.mydomain.com
Then in your host records for mydomain.com you could point staging to whatever server you like.
I have an idea that will allow a Web Forums Content/Threads to be better indexed by search engines but avoid taking up too much unnecessary space on the web server.
My idea is not unique(I think StackOverflow uses it) but I am having difficulty working out how I am going to achieve redirecting through .htaccess commands or main server configuration files.
For a web forum website; when a new thread is created:
I store the thread HTML in an SQL database(rather than creating a HTML file which I think will take up more server space - is that correct?).
I create a directory on the server where the directory's name is the threads name(this will allow for easier indexing from google & other search engines wont it? Because the url is more descriptive?). So www.myForum.com/posts/unique_thread_name/. I think this is how StackOverflow does this, if you look at the url of my question its a directory.
The new directory(thread directory) will be empty except for a .htaccess file which will redirect to a script www.myForum.com/cgi-bin/loadWebpage.py. This script will grab the thread's HTML from the database when accessed & display that thread.
So when someone accesses www.myForum.com/posts/unique_thread_name/, the .htaccess file will redirect to www.myForum.com/cgi-bin/loadWebpage.py?thread=unique_thread_name. Notice the arguments, is it possible for a .htaccess file to redirect to a script but pass arguments aswell?
My Questions:
The apache website says you should never use .htaccess files "In general, you should never use .htaccess files unless you don't have access to the main server configuration file.". If I am using a webhost like GoDaddy do I have access to this file or is this server config file only for VPS?
Is it better to do this with the Server Config file instead?
Is there a way easier way of doing this? The whole idea is to store Forum Threads that take up as little space as possible but are still easy for search engines to index(thus the unique directories created).
Do I NOT need to create a .htaccess file in each post directory? Can I just write in my main .htaccess file that any request to a file/folder in posts should redirect to www.myForum.com/cgi-bin/loadWebpage.py?thread=the directory they accessed?
Maybe the code would look something like this?
Redirect /posts/* www.myForum.com/cgi-bin/loadWebpage.py?thread="HOW DO I SPECIFY THE FOLDER?"
If I am using a webhost like GoDaddy do I have access to this file or is this server config file only for VPS?
Godaddy shared hosting only allows .htaccess use.
Is it better to do this with the Server Config file instead?
Its better performing if you have access to Server Config, but shared hosting like Godaddy does not allow it.
Do I NOT need to create a .htaccess file in each post directory? Can I just write in my main .htaccess file that any request to a file/folder in posts should redirect to www.myForum.com/cgi-bin/loadWebpage.py?thread=the directory they accessed?
You can do it with a single .htaccess in the root dir of your site with contents as below
RewriteEngine on
RewriteBase /
RewriteRule ^posts/(.+)/$ /cgi-bin/loadWebpage.py?thread=$1 [NC,L]
I have django running with wsgi and apache.
I want to route some URLs to PHP part of the website. Because both the django/wsgi and PHP content requires SSL, I can't use virtual name hosting. How can I do this?
RewriteEngine in Apache config doesn't work, because there is no alternate NameVirtualHost to redirect to?
Can I have urls.py redirect to a PHP file, instead of a django application view?
Thanks!
You can put an alias to the php areas before your WSGIScriptAlias line in the virtual host section to get the desired result. I've just tested it:
alias /somefolder/ /srv/www.site.com/www/somefolder/
WSGIScriptAlias / /srv/www.site.com/myapp/app.wsgi
I can put php files into /srv/www.site.com/www/somefolder/ and they run as PHP.
Seems like it could be a major security issue as all requests are passed though Django when the Apache vhost has WGSI enabled. Just as it is not recommended to serve media though Django in production, this is likely not recommended.
That said, you might want to look at handling this like static media in PHP. Not sure that it will work, and I really would not recommend it, but you can give this a try:
urlpatterns = patterns(
(r'^php/(?P<path>.*)$', 'django.views.static.serve', {'document_root': '/abs/path/to/php'}),
)
for example i have this url: http://localhost/miSite/uploads/ and by doing:
http://localhost/miSite/uploads/../includes/, this results in a directory (includes) linsting.
It'd be great if you could tell me a way to resolve this.
Directory Indexing
You can also use .htaccess to disable indexing, or Directory Browsing. By default, this option is turned on in the server's configuration files. To disable this, add this line to your .htaccess file:
Options -Indexes
The possibility of using relative references is not a real problem:
http://localhost/miSite/uploads/../includes/
resolves to
http://localhost/miSite/includes/
which can be addressed directly anyway. If you have sensitive files in there, you should move them outside the web root, or block the directory listing.
What would be a real problem is if the following would work:
http://localhost/../miSite/includes/
which would serve files outside the document root. But that will not happen with an up-to-date web server.
There's 3 things you can do, ranging from least secure to most secure.
Disable indexes as proposed by #Lizard
Make a rule in the htaccess file to deny access to folders people aren't allowed to access
Move the files that shouldn't be accessed outside of the DocumentRoot.