I have a symfony2 project that somehow was running fine while it was outside the public_html directory, but now it's not working (the path is not allowed anymore, apparently).
Now I need to move the symfony2 directory into public_html, but when I do, the website is still not working (the page is blank).
I modified app.php so the include path is the correct one, and I also modified the projectConfiguration class so it has the right WebDir. What am I missing?
alternatively, how can I make it work outside the public_html directory?
for the record, I'm completely new to symfony.
The cache was the culprit.
I cleaned symfony's cache (removed all the contents residing in the cache folder) and the website came back to normal.
thanks to fos.alex for the comment/answer.
Related
Following an audit, I've been tasked to remove extraneous files from the Twig 1.x vendor directory in one of our sites. Planning on removing /twig/twig/doc, /twig/twig/test and see if anything breaks.
What about /twig/twig/ext/twig/run-tests.php, or the entire "ext" directory?
Does anyone have prior experience weeding a default Twig 1.x installation for production environments? Any assistance or advice gratefully welcomed.
The correct action would be to update your site's layout so that these files are outside your web server's document root -- then you don't have to worry about what to delete and what to leave. You probably have something like this, where your web server's document root is pointing directly at /path/to/project:
/path/to/project
/lib
foo.php
bar.php
/twig
/twig
/doc
/test
index.php
This means anybody can directly request http://yourdomain.com/twig/twig/test/some_file.php
What you want is more like this:
/path/to/project
/public
index.php
/lib
foo.php
bar.php
/twig
/twig
/doc
/test
Then configure your web server so that its document root is /path/to/project/public. Then your application code can still include() things in /twig and /lib, but your web server won't directly serve them.
If your removing files from the vendor directory they'll come back the next time you do a composer install so this seems kind of pointless.
The files you mention (docs and test) are causing no harm other than taking up space as they are not directly called, but that's just a downside to any package management system. Like #Alex said as long as they are not publicly accessible there is no need to worry.
If you really want Twig without the extra files you could fork the project, move it into your own Git repo then reference that in your composer.json instead of the official one - but you will miss out on any updates from Twig.
We're running on Apache, so the easiest solution was to simply add a .htaccess file to the top vendor directory:
# Prevent non-local access to the vendor directory.
Order deny,allow
Deny from all
Directory structure:
/root
/vendor
.htaccess
/twig
...
/includes
...
Now the PHP scripts continue to have access, but external attempts to view anything inside the vendor directory return a 403 error.
I am using Cakephp3 and would like to know if there is a better alternative to relocating the config folder.
The issue rises from the fact that everytime I have to refresh the production app, i copy over the entire app from development to production and reconfigure the required settings in the config folder.
After some iterations of this process, I started to make a backup of the config folder and after copying the app, restore the config folder.
After some time even this started to get tedious, so I ended up hacking the cake files and folders.
I relocated the config folder outside the root directory
Created a symbolic link in the root directory poiting to the config directory outside the root directory.
Updated the ROOT constant in config/paths.php to the real root folder
In webroot/index.php redefined the bootstrap.php require location
So as long as long as I dont update the cakephp core, I can copy over the dev app to the prod app and all the config stays the same.
I would like to know if some one has a simpler approach.
Thanks
After some research and reading carefully the comments in related bootstrap file, I found a solution for, well at least, my problem.
The problem basically was that I had to refresh the database, email, debug settings define in the app.php file, everytime I uploaded the app from my dev server to my prod server.
Reading the comments in the bootstrap file I found the comment which stated:
Load an environment local configuration file.
You can use a file like app_local.php to provide local overrides to your
shared configuration.
So this allows me to redefine the configurations defined in the app.php file. However I wanted this to me more dynamic, so I ended up creating an APP_INSTANCE_NAME constant in the bootstrap.php file of the webroot directory as follows
// /config/bootstrap.php
define('APP_INSTANCE_NAME', strtolower(gethostname()));
and later in the bootstrap file, i did the following:
Configure::load('app_' . APP_INSTANCE_NAME, 'default');
with this change, the configuration that gets loaded is based on the server hostname and I dont have to relocate the config folder. Hope this helps someone with cakephp3
Thanks to jason and greg's comments which motivated me to read the comments more carefully.
I'm new in Laravel 5.
I found this Laravel 5 - Remove public from URL on Stack Overflow to remove public folder from my Laravel 5 App. Only I have a question about the security.
When I am removing public from URL, then I have to change the basic folder structure of Laravel 5. Yes, it's working fine without the public from the URL.
But what's about the security of Laravel, because I am changing the default folder structure? Is it secure to use?
You should be pointing your Apache host root to the $LARAVEL_PATH/public directory instead of $LARAVEL_PATH.
The point of having sub directory for www host root instead of project root is that you're not leaking any of your project files through your web server.
Even though all the PHP files have the file suffix .php, malicious user can access your $LARAVEL_PATH/storagedirectory and its subdirectory contents, read your composer.json or package.json to find vulnerable dependencies or read .env file etc.
If you're running on shared hosting and you have mandatory public_html, try installing Laravel outside of that public_html directory and either removing public_html (if empty) and replace it with symlink to $LARAVEL_PATH/public OR if you want the Laravel instance to be subdirectory ofpublic_html, do the same but create symlink from$LARAVEL_PATH/publictopublic_html/$PROJECT_SUBDIR`.
That public directory is there for reason to make project a bit more secure. Solve the actual problem and don't try to break this simple but nice security addition. :)
you this link you provided is not about changing the actual file structure of the framework, this example uses mod_rewrite to rewrite the url of your application. In other words you are telling your server that you would like to point to that directory without the full path is visible to the end user.
Also take a look on the below answers of the link you've provided.
Rename the server.php in the your Laravel root folder to index.php and
copy the .htaccess file from /public directory to your Laravel root
folder. -- Thats it !! :)
I completed the quickstart tutorial, but I feel really unclear on a few things. I started the guide initially expecting everything to be on my remote server, but it actually seems to be a guide for a local setup. I have everything on my server, and I have the hosts file on my local computer routing to the server, for ex. this is the entry in my hosts file server-ip quickstart.local.
1) Currently, I have everything beneath public_html. Where should I put all the Zend files (bin, demos, incubator, etc..)? www/public_html/[zend-files],www/public_html/quickstart/
2) Where do I put the quickstart (project) folder? Am I supposed to create an index.php that routes to the public folder in the project folder? At the moment, it is at public_html/quickstart/.
I feel silly and embarrassed for asking, because I feel like this is something really obvious.
Actually, you'll need only the Zend folder, which is the library itself.
On the public_html you need to put only the files located in the public folder of your project.
Folders like application and library should stay out of public_html.
For example
/home/my_project/public_html (public folder from zend)
/home/my_project/private (the other files, like application and library)
Instead of put the Zend library inside your project library folder, you can put it on the php include_path.
The second option, maybe the best, is to configure your virtual hosts and set the public folder (application public folder) as the root folder for your domain quickstart-local
So, you will end up with /home/my_project/public as your root folder and /home/my_project/application as your private folder.
You'll need to setup your index.php and application.ini with the appropriated paths.
As soon as you work with more than one framework version at a time, using symlinks becomes a good option. It is also much better for development than using the include path because you automatically have code assist for ZF code. We organize our projects as follows:
/application
/httpdocs
/library
/Project
/Zend (->symlink to the Zend folder of the needed version)
/ZendX (->dito)
/tests
And now, if you're about to say that 'symlinks' don't work on Windows, don't say it. It's utter rubish. It works perfectly well.
On my local setup I have a load of different CakePHP websites. I'm using a Mac so the folder structure is something like ~/Users/cameron/Sites/sample-website and then within each of these websites I will have the typical Cake folder and App folder.
What I would like to do is have just a core cake folder and then have ALL the sites pull from that one cake core so I don't have the same stuff several times over. I have been reading some tutorials on the web: http://rickguyer.com/cakephp-one-core-many-apps/
So I have my cake folder here: ~/Users/cameron/Sites/cake-1.3/ and then my site here: ~/Users/cameron/Sites/sample-site/ and in this folder I have the usual app folder and htaccess to tell it where to find webroot etc.
Now I have edited the index.php file inside webroot like the tutorial BUT have only changed one line because I haven't moved my files OUTSIDE of the App folder like he does. So the only like I have changed is as follows:
if (!defined('CAKE_CORE_INCLUDE_PATH'))
{
define('CAKE_CORE_INCLUDE_PATH', '..'.DS.'..'.DS.'cake-1.3');
}
As far as I can tell that is correctly looking two directories up and finding a folder called cake-1.3 however it just gives a error 500?
Any ideas what the problem is? Thanks
EDIT:
Even doing this doesn't work???
Which If I echo: echo CAKE_CORE_INCLUDE_PATH; gives /Users/cameron/Sites/cake-1.3 and if I paste that in the address bar it loads up the cake folder so it's definitely the correct folder structure JUST it doesn't like looking at cake outside of the main url?
if (!defined('CAKE_CORE_INCLUDE_PATH'))
{
define('CAKE_CORE_INCLUDE_PATH', DS.'Users'.DS.'cameron'.DS.'Sites'.DS.'cake-1.3'); echo CAKE_CORE_INCLUDE_PATH;
}
You are right on the money with:
define('CAKE_CORE_INCLUDE_PATH', DS.'Users'.DS.'cameron'.DS.'Sites'.DS.'cake-1.3');
Just make sure that Users sits in root. In other words, when you go to terminal you can get to this directory by typing: cd /Users/cameron/Sites/cake-1.3
It looks like you may be on a MAC. If so, your linking is correct. Most of the time what I find is you have done a copy paste of the app directory and it does not get the .htaccess files. I would check those first. But here is a comprehensive list of what you should verify:
Make sure the host is pointing to
the correct directory
(/Users/cameron/Sites/sample-site/)
Verify mod_rewrite is in fact on.
Verify you have copied the .htaccess
file in both the
/Users/cameron/Sites/sample-site/
and the
/Users/cameron/Sites/sample-site/webroot
directories.
Confirm that the
/Users/cameron/Sites/cake-1.3/
directory has a directory called
cake in it that contains the core.
Once all of this is confirmed, you will be good as gold!
Happy Coding!
UPDATE:
When the index.php file looks for the cake core, it will look for a directory inside the location you are pointing to for another directory called cake. So in your case:
define('CAKE_CORE_INCLUDE_PATH', DS.'Users'.DS.'cameron'.DS.'Sites'.DS.'cake-1.3');
You must have the cake directory inside /Users/cameron/Sites/cake-1.3. Your directory structure will look like:
/Users/cameron/Sites/cake-1.3/cake
/Users/cameron/Sites/cake-1.3/cake/libs
/Users/cameron/Sites/cake-1.3/cake/config
/Users/cameron/Sites/cake-1.3/cake/console
etc.
CakePHP 3.0+
In CakePHP 3.0+ this configuration is moved out of webroot/index.php to App/Config/paths.php
If you have access to your php.ini, you can add the path to Cake core there. Doing it this way means you don't have to change webroot/index.php at all. Example in php.ini:
include_path = ".:/usr/local/lib/php:/home/something/phpinc/cakephp2/lib"
According to the CakePHP 2.x docs, this is the recommended way to share the Cake core (assuming you have access to your php.ini).
You can have only one cake core but you must have one app folder (containing MVC) by site.
Is this a misunderstanding of the folder structure of CakePHP?
From the docs (CakePHP folder structure):
The app folder will be where you work your magic: it’s where your application’s files will be placed.
The cake folder is where we’ve worked our magic. Make a personal commitment not to edit files in this folder. We can’t help you if you’ve modified the core.
So the cake folder shouldn't change between all of your uses, therefore you have 1 copy. You can always change some of the functionality of the core by making your own changes in the app folder i.e. extending.
There is no need to edit index.php.
Just put an alias (or link in UNIX) to your cake folder in each of your sites folder. Works perfectly. Same goes for plugins and vendors folder.