发表新帖
发表新帖

Separate CodeIgniter public folder

前端 未结
关注
2 1697
后悔当初
后悔当初 2020-12-20 06:37

I\'ve been trying to change my CodeIgniter file structure to make it safer and cleaner but I can\'t get it to work. I want to separate the application/system and the public

相关标签:
2条回答
  • 旧时难觅i
    2020-12-20 07:07

    As per the CodeIgniter Installation Instructions...

    /var/application/
/var/system/
/var/www/index.php

    For the best security, both the system and any application folders should be placed above web root so that they are not directly accessible via a browser. By default, .htaccess files are included in each folder to help prevent direct access, but it is best to remove them from public access entirely in case the web server configuration changes or doesn’t abide by the .htaccess.

    0 讨论(0)
  • 长情又很酷
    2020-12-20 07:22

    For CodeIgniter 3.x, the correct way to approach this (at this point in 2018 and after) is as follows:

    • Make a public folder in your root folder
    • MOVE your index.php file into this folder (to prevent ambiguity)
    • inside the moved index.php file, change the following:

      change $system_path to ../system

      change $application_folder to ../application

    Now, we need an .htaccess file, but CI 3.x doesn't have a .htaccess file by default, soo.. how about stealing it from CI 4.x which has it by default? You can find it here:

    https://github.com/bcit-ci/CodeIgniter4/blob/develop/public/.htaccess

    I recommend you NOT include the line SetEnv CI_ENVIRONMENT development - instead, define this in your apache or NGinx .conf file so the .htaccess file can work anywhere.

    Finally, you'll meed to update your .conf file so that DOCUMENT_ROOT is set to the subfolder named public (or whatever you chose to name it). Then restart Apache/Nginx.

    That should give you the same results, and be much more secure.

    -- UPDATE -- I found that I had problems with the .htaccess file from CI 4, however suspect it's my system that's the problem. This simple version did work however:

    RewriteEngine on
RewriteCond $1 !^(index\.php|assets|images|js|css|uploads|favicon.png)
RewriteCond %(REQUEST_FILENAME) !-f
RewriteCond %(REQUEST_FILENAME) !-d
RewriteRule ^(.*)$  ./index.php/$1 [L]
    0 讨论(0)
 看不清?
提交回复
热议问题