Why my configuration files are getting accessed from browser in laravel? - laravel

I have hosted my project on the server and my application is getting hacked, as of now I came to know my configuration files are no secured like .env, composer.json etc. These can be directly accessed by saying mydomain/filname e.g., www.abc.com/.env, when anybody hits url like this then file is opened on the browser. How can protect these files. I am using lravel 5.7

It seems you have multiple .htaccess files and your server isn't using the one that Laravel provides.

Related

Configuring Laravel project in DirectAdmin server

I'm a newbie to Laravel projects but I need to have one accessible over the internet so I tried using DirectAdmin but whenever I go to my domain I get an index (pictures attached).
I renamed the Laravel 'public' folder to 'public_html', is that correct? Here is my file structure.
Here is what I get when I go to my assigned domain which isn't my website at all.
The webpage should look something like this
I also found a laravel app using Softaculous linked here (https://panel.freehosting.com:2222/CMD_PLUGINS/softaculous/index.raw?act=software&soft=419). Am I required to use this app?
At first, you need to learn about the laravel directory structure. You don't need to change the laravel public folder to public_html. I am not sure how the DirectAdmin server works. but if you see a laravel directory instead of serving an application it's might be a path-related issue in your server. your domain should serve your application public folder.
I just found a tutorial for the DirectAdmin server with laravel. that might help.

Could not open input file: artisan - Laravel existing web app - PhpStorm

I have an existing Web application in Laravel and I'm trying to add a GDPR functionality for cookies with PhpStorm.
I'm getting this error while trying to run the application.
Could not open input file: artisan
I'm using:
PhpStorm
XAMP server locally
What I have discovered, the developer have built the structure in a different way that I know, I mean, the Laravel packages and resources reside in project folder since the the whole application is structured in Online store folder like " Online_store/project"
See the attached pictures:
EDIT: I'm a beginner into Laravel, can you tell me more what exactly I need to do and where? This is the configuration file for my setup to run the app

Laravel on a directory, links e.g. login link does not work

I have uploaded my Laravel app unto a directory under the public folder on my domain,
html_docs/public/store
where 'store' is the folder of my Laravel App. My main domain pointed at 'html_docs/public', please check my laravel app here "https://www.dinhi.org/store/". As you can see, when you click the "sell with us" or "login" on the top header, it returns
Not Found
The requested URL /store/dashboard/login was not found on this server.
I have set up to in my '.env' and in my 'config/app.php' the right url like "https://www.dinhi.org/store/" but still not working, any ideas, help please?
PS: I'm on Laravel 5.3 and I'm using Hesto Multi Auth. In my local, this issue does not exist like everything is good and working.
Laravel is not meant to be installed completely into the document root of your server. Actually, every folder of your laravel application except the public folder should be inaccessible from the web.
Your exposing yourself to a security risk here, since everybody could access every file of your app, including potential .env files with database credentials and the likes.
Cheers
Christoph

uploading files from one domain to another in laravel 5

I am kinda stuck in my laravel 5.2 application (I'm actually a newbie in Laravel). I am working on a project with both front and back ends. The two ends are hosted on two different domains (frontend on the main domain and backend on a subdomain). The problem is, am trying to upload files (images) from the backend on the subdomain to a folder on the main domain. I have made extensive research on how to do this to no avail. Hoping to get assisted. Thanks.
Try to make the upload form on the same server that the request is procesed and try to include the form on the other server using an iframe or something similar.

Joomla backend not shown correctly

I'm using Joomla 2.5 and the backend is not shown correctly. It seems that the template is not loaded correctly.
This is my page:
http://www.fussball.tsg-kastel.de/administrator/
The page as such is shown correctly but as you see, the backend isn't...
Try doing this:
Rename the admin templates folder on the host server (for a backup)
FTP transfer of an admin template folder from another Joomla site and then copy it from the FTP location using a file manager into the admin templates folder.
You could have a corrupt file or just missing some files from installation. This has happened to people before and by doing these two steps it seemed to solve their issue.
Hope this works out for you.
You probably have a fatal error. Go to configuration.php and change error reporting to development. This will render the error to the browser (alternatively check your apache error log). I predict you probably have a plugin problem -- perhaps your host updated PHP version for example. Whatever it is, deal with that problem.

Resources