Laravel works with a project dir, an app dir (the code) and a public folder (public assets, css etc).
You will have to rethink how you do things. You can of course move everything from public into your project, but that would be unsafe and not something anyone will suggest you do.
What you can do is move Laravel into this structure: localhost/project/laravel (app code, but maybe create a non guessable dir...) localhost/project (public dir)
Then change the path configs (bootstrap/paths.php) to suit above setup. And also index.php in your "public" folder should be changed so it finds the laravel bootstrap file.
I don't understand how this is useful to anyone? Surely when you set up a website you want people to be able to find your content by navigating to
NOT
I don't see the logic here. And moving all the files around as per your suggestion defeats the point of using a framework, surely?
No, this is by design, it's a very important security principle - the public folder should be your DocumentRoot, in Apache, this is done by either by changing the config of your website, or by using a VirtualHost (useful for hosting multiple sites in one Apache installation). As CedNet suggests - there are other methods that involve moving the files below your DocumentRoot and configuring the paths.
This means that the framework files, config etc are not available publicly, the only thing that should be public is, as the name suggests the "public" folder.
By configuring your server appropriately, you won't see "public" in your URLs.
AndrewBNZ said:
No, this is by design, it's a very important security principle - the public folder should be your DocumentRoot, either by changing the config of your website, or using a VirtualHost (in Apache), or as CedNet suggests - there are other methods that involve moving the files below your DocumentRoot and configuring the paths.
This means that the framework files, config etc are not available publicly, the only thing that should be public is, as the name suggests the "public" folder.
By configuring your server appropriately, "public" should not appear in your URL.
Ok thanks this is a clearer response. I am trying to test this now by uploading to my web server.
So if I upload the contents of my public folder to the public_html folder on my server, and everything else to the parent of that folder it should just work?
Yes, if you're not using the Apache installation for any other sites, you can put the contents of the public folder into public_html and the rest of the framework a level below that (or above, depending how you look at it). You may still need to edit the bootstrap/paths.php file though.
Ok thanks. This structure is new to me. I'm not sure as to why this is important for security and you can't see the contents of a php file anyway?
It's just best practice, avoid tempting fate, better safe than sorry etc...
Sign in to participate in this thread!
Laravel
Laravel News
Laracasts
Laravel Podcast