0

In my own website, I try to refactor the folder structure of my webapps.

All files and folders as shown below are on the same server.

The desired structure is as follows:

my_webapps // Top level directory
 apps/  // Subdir that holds the different web apps
  app1/
   public/
    css/
    js/
    index.php
   app/ // app internal src code
  app2/
  app3/
 public/ // $_SERVER["DOCUMENT_ROOT"]
  css/
  js/
  index.php // Entry point
 views/
  header.php
  menu.php

The root index.php file lies in the top level public folder for security reasons. Looking at this answer that makes sense to me.

So in my "menu.php" (included in root index.php) I have some <a href="[link]"> tags to point to the URL of the different "apps/index.php" files.

But that does not work. The web server does not know the content in the "apps/" folder.

But how does this work with frameworks like Laravel then, like this post says?

Where is the mistake here and does anyone have an idea to solve this while still having the security benefits?

I am using nginx as a web server by the way. .htaccess is not an option.

user14181536
  • 35
  • 4
  • Your structure diagram is very unclear. What are all the + and - intended to convey? Please edit your question and use stackoverflow's formatting tools to make the structure clearer. Https://stackoverflow.com/help/formatting . Also, document root points to a folder, not a file. – ADyson Jan 03 '21 at 19:28
  • But anyway the issue seems to be simple - a browser can't access files which aren't in or below the webserver's root. You can of course configure virtual directories in the webserver config to try and overcome it if necessary. or rearrange either your folder structure or the way your application works. Symbolic links are no use here because a browser accesses the webserver, not the local filesystem of the server – ADyson Jan 03 '21 at 19:29
  • Thanks for the update. `But how does this work with frameworks like Laravel` ...because they use complex routing rules and possibly htaccess or other server config as well to control access. And they don't directly serve .php files from other folders to the browser. It's all done through the views. The rest is just code which is included in other scripts. – ADyson Jan 04 '21 at 10:21
  • 1
    If you want to keep all your apps separate then it would make sense just to have different virtual directories (virtual hosts in apache) for each one. Then you can specify which folder is public for each app. – ADyson Jan 04 '21 at 10:23
  • @ADyson: thanks for the explanations. I try to solve this via virtual hosts as you suggested. – user14181536 Jan 04 '21 at 10:33

0 Answers0