I am running laravel on a subdomain i.e. subdomain.mysite.com
I have setup my structure like this:
username
-public_html
--subdomain
---public
Basically, when I created my subdomain the path I set was subname/public so the subdomain points to the public folder. I have uploaded laravel to subname so when someone goes to the subdomain url it looks at the public folder and it shows the laravel You have arrived page.
Now when I browse to mysite.com/subname it gives me a forbidden page and when I browse to mysite.com/subname/public it shows the laravel you have arrive logo.
Is it safe to set-up laravel on a subdomain this way or am I exposing the app / model / controller folders etc?
Is this just very bad and should i move the laravel core files above public_html?
I hope this makes sense
Thanks
With proper Apache configuration (or any other server you use) and .htaccess ( in case of Apache) you can restrict the access to your core directories irrespective of where your files are located.
I do not know about your server configuration and which folders you have access to, but in case you have access to other directories, you can set up laravel in somewhere else other than under public_html and set up public directory to be visible, just like you did when setting up it as a sub-domain.
If you want to setup as a sub-folder under mysite.com you can keep the Laravel installation somewhere else, and provide symbolic link under public_html like this
ln -s /path/to/laravel/public /username/public_html/subdomain
In such case you need to add following line to .htaccess file.
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteBase /subdomain # Add this line
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
Hope this helps.
Related
What am I doing
Open FTP -> public_html -> laravel folder.
Copy all files from local directory to laravel folder
Open URL of the site and get this on the screen
https://i.stack.imgur.com/IbsvQ.png
Problem is simple, it opens directory, and not lead to index.php in public/ directory.
I tried everything I found in Google, like:
Move .htaccess file from /public to laravel directory and change it, like this:
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -d [OR]
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^ ^$1 [N]
RewriteCond %{REQUEST_URI} (\.\w+$) [NC]
RewriteRule ^(.*)$ public/$1
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ server.php
It works, but not completely, it load site, but it doesn't load .css and .js (static files) from public directory, which is normally, after I moved out .htaccess files, so I should change asset() everywhere in the project and add "public/", which doesn't look OK for me.
Instead of moving .htaccess I tried to edit index.php file, like most of the tutorials show:
require __DIR__.'/../vendor/autoload.php';
to
require __DIR__.'/../laravel/vendor/autoload.php';
and
$app = require_once __DIR__.'/../bootstrap/app.php';
to
$app = require_once __DIR__.'/../laravel/bootstrap/app.php';
It doesn't work.
Is there a way to handle this, without edit asset() everywhere in my project ?
Option 1
The best way to deploy, if you do not have access to the ssh but the ftp is:
Copy and paste the project on the parent folder of public_html
Wait for the upload, I recommend you to separate in an appropiate mode your dependencies in order to no install devDependencies in your prod site (this also applies for your JS assets).
once the entire laravel site is uplodaded, then you should have to delete the public_html folder and then from public make a symlink this will create a reference from your public folder and apache will try to access to the reference associated with the new public_html symlink.
Option 2
If you have access to your server through SSH, then I strongly recommend you to check if you have git available on your server, then you would be able to pull your master branch (this should be prepared for production). And also create the symlink using command line.
Also if you have SSH you will be able to prepare your project as it should with the commands you need to make it work.
I think the best way to deploy on shared hosting is to create a project folder outside the public_html folder
And add all you project files there
Then move all the files in project public folder to public_html with laravel default htacess file
Now open the index.php file you have moved to public_html
And define a proper path to project director outside the public_html directory example
require __DIR__.'/../your_project/vendor/autoload.php';
Change all path like this.... I hope its helps you
I am using laragon server for php 7.2 laravel. I have tried a lot to remove public keyword from my url http://localhost/myLaravel/public/ by its normal method of copying .htaccess folder in my laravel project directory as well as by copying and renaming server file to index.php. But it didn't work.
whenever i write this url: http://localhost/myLaravel/
it give me following error:
Forbidden
You don't have permission to access /myLaravel/ on this server.
Any solution?
Laravel app is not meant to be accessible in a subdirectory by default. You can do one of the following:
point your domain to the myLaravel/public directory, if you want a dedicated domain or subdomain
move the public directory to the root of your Laravel app, as described here: How to make public folder as root in Laravel?
You can use this htaccess code in laravel root directory.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^(.*)$ public/$1 [L]
</IfModule>
I have developed a project with Vuejs as the front-end and Laravel as the back-end api.In localhost they run in different ports.How should I deploy them in production?
When you build your Vue app for production, all the relevant files are in the dist folder. It does not run on any port, but instead the files are served by a webserver (e.g. Apache or Nginx). For a laravel api you normally have the public folder in the laravel installation visible, while having the rest of the files not directly accessible from the web.
I am going to assume that you want to deploy the api and the frontend on the same domain. The easiest way of getting this to work is by having a specific prefix for your api. In the case below, I use the prefix /api for all api requests, since this is the default for api routes. Anything else is considered a request for the frontend.
You set up your folder structure like the following. The public_html folder is what is normally loaded when going to example.com and you can test this by adding a test.txt file with some content and going to example.com/test.txt. The backend folder contains your laravel installation. The frontend folder contains everything that the dist folder contained after running npm run build.
/var
+-- /www
+-- /vhosts
+-- /example.com
+-- public_html
+-- /backend
+-- /frontend
To get everything to work, we are going to remove the public_html folder and replace it with a symlink to backend/public.
cd /var/www/vhosts/example.com
rm -r public_html
ln -s ../backend/public public_html
When we check example.com, we now should see that we can make requests to the api using example.com/api/someroute. There are several ways we can make the frontend work with this, but for ease of deployment, lets create a symlink to the dist folder.
cd /var/www/vhosts/example.com/public_html
ln -s ../../frontend/dist app
If you are using hash mode for your Vue application and don't mind accessing the app through example.com/app, I believe this is all you would need to do. Otherwise you would need to modify the .htaccess file if you are using Apache, or change the rewrite configuration of whatever other webserver you are using. I imagine the .htaccess file would look something like this:
# We assume that the FollowSymLinks option is enabled in the main Apache configuration.
RewriteEngine On
# Rewrite anything that starts with `api` to the laravel index file
RewriteCond %{REQUEST_URI} ^/api
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
# Rewrite anything else to the frontend app
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ /app/index.html [L]
We have an added domain on a shared hosting. This domain is not the main hosting domain, but an added one that points to directory that matches the domain. The app was installed with a one click installer inside a dir like
ourdomain.com and Laravel public directory is accessed like
ourdomain.com/public
I need to use .htaccess to make /public the root of ourdomain.com and at the same time /public, so the project files and folders are protected as well. Can someone help show me how to do this with .htaccess?
If you do not have the access to change the settings in anything like CPANEL or similar then you can do it like this via .htaccess
RewriteEngine on
RewriteCond %{HTTP_HOST} ^ourdomain.com$ [NC,OR]
RewriteCond %{HTTP_HOST} ^www.ourdomain.com$
RewriteCond %{REQUEST_URI} !public/
RewriteRule (.*) /public/$1 [L]
We have recently moved a Magento multi site environment to a new dedicated server, however all the sites apart from the admin URL site (not used apart from admin are) are reporting Magento style 404 pages on the front end.
We have ensured mod_rewrite is turned on, checked the database and manually amended the URLs in PHPMyAdmin to assign some temporary test URLs. The URL assigned to the admin area works fine, and the rest resolve to the server, however every front end is still 404. We have tried adding in index.php to the URL, no change. Checked all file and folder permissions, all OK. Cleared all cache manually and reindexed from command line. No change.
We have checked HTACCESS is correct which it looks to be. We have even taken another backup of the database and full site and restored to another server with the same issues.
We have also tried disabling SEO urls/URL Rewrites without change too.
Error logs dont say a lot either which isnt helpful.
Really struggling with this now so any help or pointers greatly appreciated. Thanks
First Solution:
Replace current .htaccess file with the default .htaccess file from Magento.
Second Solution:
#fastcgi_param MAGE_RUN_CODE default;
If doesn't work, try following solution:
Third Solution:
Is this installed on an Apache webserver? If not, the .htaccess functions will need to be translated to your flavor of web server software.
Has DSO module for mod_rewrite been installed in Apache and been enabled to load?
Is AllowOverrides enabled for the virtual server so Options +FollowSymLinks will function? You may have to check with your hosting service provider and have it enabled.
Is Magento's .htaccess file available in the doc root folder?
Has the rewrite engine been turned on in the .htaccess file?
Has the proper RewriteBase been assigned in the .htaccess file?
General entries in Magento's .htaccess that must function so rewrites will function to eliminate the need for index.php to appear in the URL.
<IfModule mod_rewrite.c>
############################################
## enable rewrites
Options +FollowSymLinks
RewriteEngine on
############################################
## you can put here your magento root folder
## path relative to web root
#RewriteBase /magento/
############################################
## workaround for HTTP authorization
## in CGI environment
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
############################################
## always send 404 on missing files in these folders
RewriteCond %{REQUEST_URI} !^/(media|skin|js)/
############################################
## never rewrite for existing files, directories and links
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
############################################
## rewrite everything else to index.php
RewriteRule .* index.php [L]
</IfModule>
Third solution from Fiasco Labs