how can i know where is my web root folder ?
and how to put folders out of web root folder?
and how to test that they are not accessible from outside ?
the structure of my hosting is like this:
www.website.com :
public_html/
includes /
logs/
...
is it enough to protect includes folder and logs folder with htaccess? and are they out of web root in this case?
i know that $server[document root] provide the root of my website , but i am confused about how to put files out of it , any help would be welcome , thanks for all
All your files are currently in the public web root folder.
The 'inside' of your root is your publichtml/. Everything you place in there will be publicly accessible.
The name of your root can vary from host to host, often public_html or httpdocs.
The 'outside' is one directory up. But remember some hosts do not give enough permissions.
You cannot test documents outside your root, because they are not accessible. Only something like PHP can access those files. That's why you do not place your img/JS/CSS files outside the root cause they need direct access.
You can however serve them through your PHP.
Related
I just was wondering if the robots.txt file is supposed to work like general robots txt files. So, you type for example "disallow/admin/*" place it into the the root Laravel folder and that's it.
Is it like this ?
Remember, that website address is relevant to public dir. So,
if you want robots.txt to work in Laravel, it must be placed in the public folder.
robots.txt is a special file used by search bots to read and crawl the website resources.
robots.txt should be at the root of the website.
The root directory differs from OS to OS. I am giving a few of them. Better that you consult with your server admin.
Example:
/public_html
/htdocs
/html
Is it possible to include file from the ftp's root in a script in a subdomain ?
This doesn't work for me:
include($_SERVER['DOCUMENT_ROOT'].'/joomla.php');
Can someone help me ?
I think first you need to determine where is your subdomain files are placed and echo the $_SERVER['DOCUMENT_ROOT'] command to see the full path then you can combine two paths and make necessary adjustments.
Usually but not always, subdomain files are placed in a folder one level up then the main site's root folder so you may need to replace the folder name according to your needs in the output of server document folder function.
To give an example if your domain files are in a path like
/var/www/vhosts/example.com/httpdocs/
and if your subdomain path is like
/var/www/vhosts/example.com/subdomain/
then you will need to replace httpdocs with subdomain (or the other way around) in the output where you call $_SERVER['DOCUMENT_ROOT']
I'm working on small project, and will host it on normal Godaddy host plan, the problem is: all file system will be accessible through internet.
so, how can I prevent access to any folder or file except /public
CONTRIBUTING.md
app/
artisan
bootstrap/
composer.json
composer.lock
phpunit.xml
public/
server.php
vendor/
thanks,
Why not split the project up? Upload the contents of public to your document root and the rest somewhere else (like your home directory). Then just modify the two paths in the public/index.php file to point to the right locations, eg
$path = __DIR__ . '/../my-app';
require $path . '/bootstrap/autoload.php';
$app = require_once $path . '/bootstrap/start.php';
If you point your apache site document root to /public, there is no way people can access any other file in your application outside your public. Even if they try to do things like:
http://yoursite.com/../
EDIT:
This is not something you should rely on a framework to do, securing directories on your site is the web server job, so you need to find a solution on your server: virtual host, document root, web root, domain directory or even .htaccess configuration.
In some shared hosting companies you can do that easily, some have cPanel or Plesk, but other, like Hostgator, will give you just enough configuration so you can change your directory root to /public. Looks like GoDaddy doesn't help much if you don't have a cPanel account, but, still, there are tricks to help you doing it the way you should be doing: http://support.godaddy.com/help/article/4067/setting-up-a-non-web-accessible-root-folder. Probably there are others around.
I have a CakePHP project uploaded to the server:
httpdocs/cakephp/app/...
My domain name, for example www.mydomain.com is directed to httpdocs/cakephp
Now.. I need to access an image folder that it's otside the webroot of CakePhp:
httpdocs/resources/images/...
The problem is that I can't see files outside the cakephp folder when I go to www.mydomain.com, If I try with ../../resources/images.... I just get www.mydomain.com/resoures/images with an error.
How can I solve this?
Thank you!
Just symlink the resouces folder in your webroot folder.
Alternatively you can send the files through php. The CakePHP book describes this here for >2.3 and here.
Also it is not a good idea to put the whole cake folder in the root of your domain, you should set your app/webroot has the root of your host.
I have a development server at dev.mysite.com and I am working with coda and git to make commits and pushes to the repo which has a developmenet branch that points to my dev domain.
The file structure as of right now is this. As of right now does anyone see anything that I should reconsider changing. I'm asking this because of having a public_html inside the dev folder or what. With this setup currently when I load dev.mysite.com it shows the index of / which shows .gitignore, .git, and public_html.
../
/dev
/mysite.com
.git
.gitignore
/application
/public_html
/assets
index.php
/system
/mysecondsite.com
/application
/public_html
/assets
/index.php
/system
/sites
/mysecondsite.com
/application
/system
index.php
Does anybody have any ideas?
If you want to have a development environment and a production environment. While having the core files for CI outside of a public_html. You have to redefine your document root. I assume you are using a server the comes with cPanel as your means of administration for your server.
So that said, you go into your cpanel and where you defined your dev subdomain, you should be able to edit the document root folder. So on the server in your dev folder you will add a public_html like I gather you already have from the example above. And with your current folder settings for dev you add /public_html to the string that is the folder path now.
Once you do that allow a minute or two for it to delegate to the server from cPanel. And move your folders around as you see fit.
From there, you find the root index.php and open that up, find the references for your application folder and your system folder and change them to match the paths they should be looking for now. Likely using relative paths.. ie: ../../applications for example. Save your index.php
Assuming you have done everything in general correct your copy of CI should load correctly as it did when you didnt have everything in the folders split up like you want..