I have the following directory structure of Codeigniter Folder. You can see that I have put all my assets in the assets folder at the root of the application.
Base URL is defined as
$config['base_url'] = 'http://kamran.dev/Codeigniter/application/';
I tried modify it to
$config['base_url'] = 'http://kamran.dev/Codeigniter/';
but that didn't work either.
Can anyone please have a look and tell me what I'm doing wrong here?
P.S. Then I removed the .htaccess file from the application folder that contains
Deny From All
And this worked for me. But that doesn't seem like a good idea.
You have multiple options here. The easiest one is to move the assets folder to the same level as the application so that your directory structure is:
application
system
assets
css
img
js
Because the assets folder is not in a folder with the .htaccess with Deny From All it won't be blocked by your web server.
Alternatively you can add an .htaccess file in the assets folder with the following rule:
# /assets/.htaccess
Allow from all
I haven't tested this but I think it should work.
Another option is to change the .htaccess and put an exception on the assets folder but it's a very bad idea (with security implications) to remove the Deny From All without writing alternate rules to lock all folders that shouldn't be accessible.
Also, set your base_url to the folder containing application, system and assets directories (this folder contains Codeigniter's bootstrap/front controller index.php).
Additionally, I would advise you to echo your urls using the base_url() function:
base_url("assets/css/bootstrap.min.css");
OR to call a controller/route
base_url("controller/method");
The base_url function takes into account the value of $config['index_page'] as well as the necessary leading/trailing slashes.
Change your base_url to the following:
echo base_url("assets/css/file-name-here.css");
You want to pass the URL string to the base_url function. This way, you can change $config['base_url'] to whatever you want and it will append the string to that URL properly.
As an addition to the answer of grim. If you have your rewrite engine on you should have the following in your root .htaccess
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond $1 !^(index\.php|assets|robots\.txt)
RewriteRule ^(.*)$ index.php/$1 [PT,L]
</IfModule>
Related
I have created a new Laravel project (v5.5) which is related to my main website. Due to SEO-technical considerations I want the link to be like this: <mainwebsite.com/laravel>.
Both, <mainwebsite.com> and <mainwebsite.com/laravel> are deployed to an individual server. An Application Load Balancer redirects the traffic either to the main website or the new Laravel project.
The problem right now is that the Laravel app doesn't know that <mainwebsite.com/laravel> must be seen as the project's root. (The route / must go to <mainwebsite.com/laravel> and not to <mainwebsite.com>.
I've tried to add Route::prefix('laravel')->group() ... to web.php, which does fix the routes, but then the app's public dir can't be accessed.
Using relative paths like "/css/app.css" or "/laravel/css/app.css" won't fix this.
Is there a better way to set this up or does anyone know how this must be done?
The following did the trick for me.
Change the APP_URL in the .env file to http://www.mainwebsite.com/laravel
Move the contents of the public folder into a new folder inside the public folder and give it the same name as the path behind the URL (so in this case 'laravel').
/public
--- /laravel
------ /css
------ /js
------ index.php
------ ... etc...
Edit the relative paths in the index.php file:
require __DIR__.'/../../vendor/autoload.php'; &
require_once __DIR__.'/../../bootstrap/app.php'; (add an extra /../)
Set the right paths in webpack.mix.js and add the following rules to the beginning of the file to make sure relative paths in your files will be rewritten to the right dir:
mix.setPublicPath('public/laravel/');
mix.setResourceRoot('/laravel/');
That's it!
If you're using apache, setup .htaccess to rewrite the url:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/laravel/
RewriteRule ^(.*)$ /laravel/$1 [L,R=301]
</IfModule>
This should rewrite all url paths that do not start with laravel to ones that do.
For nginx, you could do the following:
location ^~ /laravel(.*) {
return 301 $scheme://$http_host/laravel$1$is_args$query_string;
}
Site location: http://localhost/~username/website
The website loads lots of images with an absolute url such as /image/image.png.
I need that request to go to:
http://localhost/~username/website/image/image.png
instead of
http://localhost/image/image.png.
I also need this to not affect any other folders or the root folder. So that I could also access http://localhost/image/image.png if I wanted to.
Is there some way of making it so that when it's requested from this subfolder to redirect?
I want the absolute reference like /css/something.css and /image/image.png to points to /subdirectory/css/something.css and /subdirectory/image/image.png. That way I don't have to rewrite all the absolute references. So, I don't want to modify the root directory.
I'm wondering if setting up a virtual host that would not allow the subdirectory "website" to have no ability to access the root. I don't ever need root access from this folder.
Be sure you are allowed to use .htaccess file in your webserver. Look at this how to enable in apache:
https://www.digitalocean.com/community/tutorials/how-to-use-the-htaccess-file
Create a .htaccess file in root or ~username/website directory Then write this to your .htaccess file:
Options +FollowSymLinks
RewriteEngine On
RewriteRule ^~username/web/image/(.*) /image/$1
Why the requirement to use /image/image.png? Why wouldn't you just use one of these instead:
http://localhost/~username/website/image/image.png (absolute)
image/image.png (relative without preceding slash)
You can use this rule in root .htaccess OR in Apache/vhost config:
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/~
RewriteRule ^(.*)$ ~username/website/$1 [L]
I'm building an application for broad distribution and I want to change the way it's routed so that all the files can exist in the document root but still be secure as if they were above the doc root.
The ideal set up would be to house the application folder above the docroot like so:
/home
/---/username
/---/--->application
/---/---/--->all application files
/---/--->public_html
/---/---/--->all public files
But I know this isn't ideal for all potential users of my app, so I'd prefer to move this to a structure like so:
/home
/---/username
/---/--->public_html
/---/---/--->application
/---/---/---/--->all application files
/---/---/--->public
/---/---/---/-->all public files
Basically just putting everything within the doc root, forbidding access to the application directory, and routing all requests to the public folder, so that we can get the same security of having files above the doc root, but making it simpler for those that may not want this type of set up for their shared hosts.
I was thinking of using an include inside public_html/index.php that would include public_html/public/index.php but I can't seem to get that to work.
Any help would be appreciated.
As I understand it you want to have home/username/public_html as the real Apache Document Root, deny access from the /application directory and, ideally, route all web requests into the /public sub-directory instead (presumably for users not on dedicated servers who can't install outside of the docroot) ... If I've misunderstood the question let me know and I'll update/remove the answer ;)
You should be able to achieve this with an .htaccess file in /home/username/public_html like:
RewriteEngine on
# deny access to the application directory
RewriteRule ^application/? - [F]
# route all requests to the public directory that aren't already there
RewriteRule ^(?!public/)(.*)$ /public/$1 [L,QSA]
Any attempts to access the /application directory will result in a 403 error and all requests to http://www.myserver.tld/file.ext will be routed to http://www.myserver.tld/public/file.ext.
Caveat: To prevent recursive loops of the redirect, the rewrite rule will not redirect any URL path that already begins with /public ... this means that any file under /public will be accessible on both the http://www.mysite.tld/filename.ext and http://www.mysite.tld/public/filename.ext - which may upset search engines.
To be extra safe you could also add an .htaccess file to the /application directory like:
Deny from all
Use this.
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^$ public_html/ [L]
RewriteRule (.*) public_html/$1 [L]
</IfModule>
Are you using any framework in your app?
Have you a sample of code we could access to understand your problem?
Basically, you just need an htaccess in your public_html folder that redirect the request to the public folder and disable the access to any other directory than public.
I have a problem with Codeigniters Security.
My Codeigniter Installation has the Application Folder, System Folder and a Assets Folder.
In my Assets Folder there is a Third Party PHP Script.
I want to Call this Script: DOMAIN/assets/FOLDEROFEXTERNALSCRIPT/EXTERNALPHPSCRIPT.php
Is there a option that i can call this File over the URL without a Controller?
I hope you have removed index.php from your url's which is done by either adding the below rewrite rules in the .htaccess file at your DOMAIN root directory, or by adding these rewrite rules in the virtual hosts.
Below rule means, to rewrite every url to index.php?params except if the current url contains "index.php or assets in it", now you can put any static content or even core PHP scripts in this folder to be access directly, with having CI in picture.
In your .htaccess file just add "assets" folder in the bypass rule, along with index.php
RewriteEngine on
RewriteCond $1 ^!(index\.php|assets)
RewriteRule ^(.*)$ /index.php?$1 [L,QSA]
I have the following shared hosting file structure using a codeigniter project:
myTLD.com/sites/mysite
mysite contains: application, system , index.php ... ( standard CI2 setup )
myTLD.com/public_html - contains : index.php
I have symlinked myTLD.com/public_html/index.php to myTLD.com/sites/mysite/index.php
Unfortunately I am getting:
Your system folder path does not appear to be set correctly. Please open the following file and correct this: index.php
I have set it up this way to avoid placing the actual site in the document root for security purposes . I don't want to change mysite/index.php because I want to keep the entire project in its mysite directory where it can easily be revised etc.
The application and mysite/ folder are set to 755 so I don't think this is a permission problem .
My myTLD.com/public_html/.htaccess folder directs all requests to index.php:
RewriteEngine On
RewriteRule ^(.*)$ index.php
Can someone advise me on an approach to sending requests through to the codeigniter index file without causing this error?
Thank you
You can try following way
1) Remove the symlink
2) Use this in htaccess at myTLD.com/public_html/.htaccess
RewriteEngine on
RewriteRule ^(.*)$ myTLD.com/sites/mysite/index.php?/$1 [L]
Use absolute system path if you are aware of it.