Secure laravel hosting in shared hosting with ssh access

Question

I have access to bluehost unlimited hosting, with many domains on it, including my own.

I have SSH access.

I have deployed a laravel web app by putting the app, bootstrap and vendor folders in a folder outside the main public_html directory, and laravel's public folder contents in my domain folder, adjusted the include routes, and it's working fine.

1) Now, I would like to have all laravel related files in my domain folder but don't know how to make it secure, i.e. pointing the domain to a laravel's public folder inside my domain folder, instead of root of my domain folder, thus preventing public access to app, bootstrap and vendor folders.

I'm not sure if I explained it clearly, this is what I'm trying to achieve:

public_html/
  some_domain_folder/  
  my_domain_folder/
    app/
    bootstrap/
    public/
    vendor/

and for my domain to point to my_domain_folder/public so the rest of laravel's files are inaccessible to public.

How can I do that?

2) If I succeed in doing 1) would I be able to execute php artisan commands via SSH?

Thanks, Petar

Answer 1

Point your domain to the domain folder as normal. Then you can use a .htaccess file inside of my_domain_folder to re-write requests to /public

<IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{REQUEST_URI} !^public
    RewriteRule ^(.*)$ public/$1 [L]
</IfModule>

You should be able to run php artisan commands via SSH that bluehost gives you just fine, .htaccess only affects people accessing your site via their browser, not via the command line.