I was going through all possible sample on internet to solve this. Still it is an headache.
I just want to avoid the 'public' in www.mylaravelsite.com/public/
and make it like www.mylaravelsite.com for the root directory.
Now I do not want to avoid the security concern,So I learned .htaccess would be the best way.
Any solution friends ?
& advance thanks for interacting !
In order to force https, your RewriteRule is required to force an external redirect. In the case of your rule, you're forcing a 301 redirect (R=301). Most browsers and clients are designed to automatically follow redirects, but they (incorrectly) do so with a GET request.
So, when a client sends a POST request with data to http://example.com/route, your server responds with a 301 redirect to https://example.com/route, and then the client makes a GET request without the data to the new URL. As you can see, you can't just change your routes to accept GET requests as well, because the data sent in the original POST request will be dropped.
One option would be to add a rewrite condition to not redirect POST requests:
# Force SSL
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_METHOD} !=POST
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
However, this pretty much defeats the purpose of what you're attempting to accomplish. This whole concept is to force https everywhere. It would be silly to enforce it everywhere except when POSTing data to your application.
Another possible option would be to change your 301 redirect to a 307 redirect. Even though clients aren't supposed to change the request method for 301/302 redirects, most clients do due to ambiguity in the specs and existing functionality. Because of this, 307 was added with the specific idea that if this status code is used, the request method MUST NOT be changed. However, 307 is classified as a "temporary redirect", so it won't be cached and may affect your SEO. Additionally, this status was added in the HTTP/1.1 spec, so you may run into some clients that don't know how to process a 307.
Your best option is probably just to reject non-secure POST requests. Or, redirect them to an error page explaining you don't accept non-secure POST requests.
RewriteEngine On
# Forbid non-secure POSTs
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_METHOD} =POST
RewriteRule ^ / [F,L]
# Force SSL
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
UPDATE: built-in web server is available in the recent IntelliJ IDEA versions (starting from 13). You can find more details in the blog (yes, this feature first appeared in WebStorm).
IntelliJ IDEA has no this feature, you need to install and use any third-party web server that can serve the content from the project folders.
I followed these steps, mentioned here : https://laracasts.com/discuss/channels/general-discussion/where-do-you-set-public-directory-laravel-5 :
in bootstrap/app.php, add
$app->bind('path.public', function() {
return base_path('htdocs');
});
Then, in /server.php, change the two occurences of publicto htdocs (Or whatever you wan to use).
I sincerely hope that'll work in every situation.
I recently had to do the same, but this time my host allowed me to delete the "htdocs" folder (And I had a ssh access) :
ln -s public htdocs
Let's assume you have this folder structure in your server
And the laravel folder structure is
You can create a folder name mylaravelsite on your server inline with
public_htmlandpublic_ftpfolder, and copy to it the whole laravel application except the public folder because you will paste all of it contents on thepublic_html, so you have now:On your
public_html/index.phpchange the following line:to
and also don't forget to change
/mylaravelsite/bootstrap/paths.phppublic path, you might use it.to
Your site should be running.