Level 29
First of all you need to make sure that the Laravel project is outside of the public root and the .env file is not reachable.
Are you using shared hosting ?
May 27, 2024
4
Level 3
Moving Laravel project from localhost to remote
I have already read a lot on the topic without having solved the problem... I'd like to deploy an old, simple Laravel 7.x project (working perfectly locally) on a remote server (shared at 'aruba.it') for testing purposes, maintaining the original structure of a usual Laravel installation.
I uploaded everything to 'https://www.mydomain.it/laravel/laravel-project', when asking for that I obtain '403 Forbidden'. When asking for 'www.mydomain.it/laravel/laravel-project/.env' I get the file view and I know this shouldn't happen... When asking for 'www.mydomain.it/laravel/laravel-project/public' I get 'www.mydomain.it/posts' with '404 Not Found' (in '/routes/web.php' I have 'Route::redirect('/', '/posts');'; and in any case I wouldn't want to add 'public' on the URL. As research suggests I placed '.htaccess' in '.../laravel-project' with this code: <IfModule mod_rewrite.c> RewriteEngine On RewriteRule ^(.*)$ public/$1 [L] </IfModule>, at least I get the 'Not Found' Laravel's view... Maybe I'm doing something wrong in the '.env' file too? For example, what exactly should I write under 'APP_URL'? Thanks in advance, I'm a newbie.
Level 3
@gych Yes, I'm using shared hosting. I would like to know, beyond security issues, whether it is possible to maintain the structure of the local installation, perhaps using a .htaccess file in the main subfolder (www.mydomain.it/laravel/laravel-project).
Level 80
@Stefano49 Don’t try and use .htaccess file to “hide” files and folders.
Most shared hosts make you use public_html. Rename your Laravel application’s public directory to public_html. You then need to tell Laravel the new public directory path by opening bootstrap/app.php and adding this line after the create method:
return Application::configure(basePath: dirname(__DIR__))
// withRouting, withMiddleware, etc.
->create()
->usePublicPath(__DIR__ . '/../public_html');
You can now upload your files and folders in the directory structure your host is expecting, and your sensitive files (.env file, controllers, models, etc) will be outside of the public_html directory and will no longer be publicly accessible.
Level 3
From the answers I got I understood that I had misconceptions in my mind and the importance of keeping significant files and folders safe. Thank you.
Please or to participate in this conversation.