stackoom
  简体   繁体   中英

how to write .htaccess and protect sites files and folder in laravel

 原文  2017-09-09 20:38:12       php/ laravel/ .htaccess

Question

i developed a website in laravel but problem is if someone know the name of files he can directly access that files of website which i don't want 

JobScholar
   app 
    Exceptions 
    Http     
    Mail 
    Models   
    Permission.php       
    Providers   -    
    Role.php     
    User.php 
.env 
  etc etc

application is working fine but what i want if user type 

http://localhost:8080/JobScholar/app/
or
http://localhost:8080/JobScholar/User.php/

he should rediret to home controller or see an error message

my .htaccess 

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
        Options -Indexes
        ErrorDocument 403 http://localhost:8080/JobScholar/index
        Options +FollowSymLinks
    </IfModule>


    RewriteEngine On

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ /JobScholar/$1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>

## Don't listing directory
#Options -Indexes
#
## Follow symbolic links
#
#
## Default handler
#DirectoryIndex index.php

i don't want the user to access any of the file or directory the only directory and files he can see are only those whose routes are defines

1 answers

solution1
 0  2017-09-09 21:05:40

Laravel basic flow is that ALL the requests go through index.php file in public folder. So you have to make sure your server points all the request to that folder so index.php can serve and take care of the rest.

Quick fix is to create vHost file(assuming you're not on shared host). Here's a sample: 

<VirtualHost *:80>
    ServerName www.site.com
    ServerAlias site.com

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html/site_name/public

    <Directory /var/www/html/site_name/public>
        AllowOverride All
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

On apache server it will go in: 

/etc/apache2/sites-available/

Then enable the site a2ensite site_name.conf

Finally point your site to server IP in /etc/hosts like so: 127.0.0.45 site.com

Also be sure to enable mod rewrite using a2enmod rewrite so .htaccess provided by Laravel can make required rewrites to the URL.

Finally restart apache: service apache2 restart

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question .htaccess doesnt protect files in folder how to protect a folder or directory with htaccess How to protect files with .htaccess and a login page? Using htaccess to protect files How to protect files in upload folder being executed How to protect files in public folder in codeIgniter? how to protect deleting files from other folder Protect a folder by .htaccess RewriteRule to php How to protect sub folder via .htaccess file in wordpress site how to protect uploads folder with .htaccess to only allow images in wordpress site
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM