Viewed   116 times

I am using Laravel for web app. Uploaded everything on production and found out that some of the files can be directly accessed by url - for example

How to avoid that direct access?



You're using wrong web server configuration. Point your web server to a public directory and restart it.

For Apache you can use these directives:

DocumentRoot "/path_to_laravel_project/public"
<Directory "/path_to_laravel_project/public">

For nginx, you should change this line:

root /path_to_laravel_project/public;

After doing that, all Laravel files will not be accessible from browser anymore.

Thursday, December 22, 2022

The problem is that your .htaccess is rewriting everything to the frontcontroller, which is normally located at {host}/index.php. In your application however it is located at {host}/quotes/public/index.php.

So you have 2 options:

1. virtual host
Set up a virtual host in your XAMPP Apache that points ie. myapp.local to htdocs/quotes/public Here is an example of how to achieve this: how to create virtual host on XAMPP. (Don't forget to add the host to your hosts file and have it point to your local macine on You can then access your application on myapp.local/whatever-route-you-define. Alternatively you forget about XAMMP and install the homestead virtual machine, which comes preconfigured for this.

2. rewrite rule
Change you rewrite rule to rewrite all requests to quotes/public/index.php in stead of index.php. I'm no htaccess expert, but I believe it should be as simple as changing this:

RewriteRule ^ index.php [L]

to this:

RewriteRule ^ quotes/public/index.php [L]

Do note that you'll still need to access your application trough localhost/quotes/public/whatever-route-you-define which is not ideal imo. Your dev version should be as close to your live version as possible, and if you start working with absolute and relative paths and stuff in your code things will become a mess sooner rather then later.

Personally I would go for Homestead, I use it all the time and it works great once you have it running.

Btw, the reason why localhost/quotes/public/index.php is working for you right now is because RewriteCond %{REQUEST_FILENAME} !-f tells Apache not to rewrite any requests to files that actually exist (otherwise you wouldn't be able to access static assets like your css).

Thursday, September 15, 2022

Thank you guys for helping, well actually I figured it out somehow. Here's my solutions for anybody who might run into the same problem like I did:

Inside /public_html, I created a folder and named it my-project. Inside my-project folder, I placed all files & assets folders ( css, js ) and .htaccess file here.

Then I went back to the parent level ( same level as /public_html ), I created a folder and name it app-core. I placed all the other Laravel's folders & files here.

The structure is gonna be like this :


--- All others files & folders except **public**
--- index.php
--- css
--- js
--- .htaccess

Finally, I went back to edit the index.php like this :

require __DIR__ . '/../app-core/vendor/autoload.php';
$app = require_once __DIR__ . '/../app-core/bootstrap/app.php';

And saved it, then everything was ready to go!

Thursday, November 24, 2022

.eslintignore file to ignore styles would work nicely. Inside, do something like this: *.css

Here's a good starting point with these techs, which I actually found while reading another, similar SO post

Sunday, December 11, 2022

Usually I use the Scopes support for filtering out/in elements. I like this support and it can be use as the scope for other tool windows such as Hierarchy Call, and Find in path dialog. Moreover you can have many scopes and easily switch between them. The support for scratch files and version control - change sets - benefits from scopes support.

In order to create a new Scope:

  1. open Settings > Appearance & Behavior > Scopes

  2. Create a new scope by clicking on + icon

  3. and then use include/exclude (recursively)

Kind regards

Thursday, December 1, 2022
Only authorized users can answer the search term. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :