Support the ongoing development of Laravel.io →
Configuration Authentication Security

I have developed an application using Laravel 5.2 that uses the default authentication. I have the following in routes.php that protects all routes and have set up the "flow" so that auth/login is the only thing available, until the user is authenticated.

// Logging in and out Route::get('/auth/login', 'Auth\AuthController@getLogin'); Route::post('/auth/login', 'Auth\AuthController@postLogin');

Route::group(['middleware' => 'auth'], function() { // Only authenticated users may enter... all routes follow .......... }

I have registered to use Sucuri website protection and they require a php file to be placed in the app home directory and they try connect directly using that php file but are redirected to the auth/login .... What is a sane way to allow them to connect

Thanks for any input .... Regards Arnold

Last updated 3 years ago.
0

I would trust an html file to validate existence of your site with their signature but I would feel very uneasy about putting executable code from a vendor on my site unless I really understood it line-by-line. Also, ask whether it's just for initial verification or if they need you to keep that file permanently placed there. If it's just a .html file, putting it in the public folder should be no problem. I do that with SSL cert issuers all the time.

Norm

0

Sign in to participate in this thread!

Eventy

Your banner here too?

arnoldjp57 arnoldjp57 Joined 13 Jun 2015

Moderators

We'd like to thank these amazing companies for supporting us

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

© 2025 Laravel.io - All rights reserved.