简体   繁体   中英

Symfony 2 app.php vs app_dev.php

I'm using the Symfony 2 php framework, which has a couple of different usage environments: development, production and test. The app.php front controller accesses the production environment and the app_dev.php front controller accesses the development environment. Can anyone familiar with Symfony advise what is the best way to restrict the development environment to developers? I don't want the development version of my web application to be viewable by users of my site, they should be restricted to using the production environment.

Well, out of the box, the standard distribution has an IP-based guard check at the top of the dev controller .

// This check prevents access to debug front controllers that are deployed by accident to production servers.
// Feel free to remove this, extend it, or make something more sophisticated.
if (isset($_SERVER['HTTP_CLIENT_IP'])
    || isset($_SERVER['HTTP_X_FORWARDED_FOR'])
    || !in_array(@$_SERVER['REMOTE_ADDR'], array(
        '127.0.0.1',
        '::1',
    ))
) {
    header('HTTP/1.0 403 Forbidden');
    exit('You are not allowed to access this file. Check '.basename(__FILE__).' for more information.');
}

However, as the comments indicate, you aren't beholden to that approach. For example, if you're running Apache, you can add basic HTTP Authentication to the dev and test controllers.

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM