I've deployed a laravel app to a shared host. All my files are sitting within the public_html folder, including an .env file which contains my database credentials. According to some articles I've read online, the public_html folder is somehow accessible to malicious users...how is that possible and how can I protect it ?
Asked
Active
Viewed 422 times
1 Answers
-3
In project/public/index.php
Look for the following:
require __DIR__.’/../bootstrap/autoload.php’;
$app = require_once __DIR__.’/../bootstrap/app.php’;
And Update them to:
require __DIR__.’/../project/bootstrap/autoload.php’;
$app = require_once __DIR__.’/../project/bootstrap/app.php’;
You Might Face problems running composer unless you are uploading the vendors directory.
PHP Geek
- 3,949
- 1
- 16
- 32
-
Thank you very much...the article makes sense. I'll try it out....now how's the public_html accessible to malicious users ? I have a password and username for my Cpanel, right ? so how can someone access the files within the public_html folder ? – Innocent Khusela Mphokeli Dec 22 '17 at 04:09
-
I've followed the tutorial, and I'm getting an error. it says 'View[main] not found'. main is my home page view. What could be the problem ? – Innocent Khusela Mphokeli Dec 22 '17 at 04:45
-
Fixed it...I ran php artisan cache:config ...then php artisan cache:clear.. Thanks... – Innocent Khusela Mphokeli Dec 22 '17 at 04:50