重定向到公共/在 php 工匠服务

Question

I have a laravel application that I made changes to the folder structure, I have been working with laragon and everything works fine but on my local environment and live server.

However, when i user php artisan serve, the generated url doesn't load assets in the public folder.

Eg

https://livewebsite.com // [live server] works.
https://myproject.local // [laragon] works.
http://localhost/myproject // [laragon /xampp] works
http://127.0.0.1:8000 // artisan [doesn't load assets, assets in the public directory returns 404
//e.g http://127.0.0.1:8000/public/assets/themes/cryptic/style/bgs.css  would return 404

Changes I made,

|-core
|-public
|-.htaccess
|-index.php

I have moved all laravel core folders and files to the core folder, moved the .htaccess and index.php to the root directory.

From my debugging so far, I understand that laravel built in server redirects requests to the public folder where the index.php file is located.

What changes can I make so that the request is not sent to the public folder, ie http://127.0.0.1:8000/public/assets/themes/cryptic/style/bgs.css should just be allowed to be without be redirected.

The entire thing works on various environments except when I'm using laravel built-in PHP server with the artisan command.

Answer 1

I can't comment due to reputation, but what you're doing might be unsafe!

This way all your project files will be public, which can expose credentials and exposes Composer packages to the public as well. This means any PHP file in any Composer package can be executed, which can lead to remote code execution, which has happened before here and is described here .