Develop Reference

Codeigniter4 Shared web hosting. Issue with configuring URLs

here is the thing. localhost development works fine. as I move to shared hosting try to configure codeigniter4 I'm facing issues with routes.
I use softaculouse to install CI4 on the main directory (public_html). when I try to configure the routes things work fine except
when I write the domain name.
example
https://example.com/ (Issue) it will send me to https://example.com/public/ (Code 500)
I contacted support they claim the issue in public folder I'm not allowed to add .htaccess so they deleted it for me .htaccess file in public. things work fine. however; when I write https://example.com/ works but the URL in the address bar changes to https://example.com/public
How to remove /public ?
is it a .htaccess configuration?
is it an issue with Apache configuration from hosting company side?
by the way
https://example.com/home (No problem)
https://example.com/en (No Problem) after modifying routes using {locale}
htaccess in public_html
# To prevent access to .env and other files
<Files .*>
# Apache 2.2
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
# Apache 2.4
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
</Files>
<IfModule mod_alias.c>
RedirectMatch 301 ^/$ https://example.com/public
</IfModule>
This is htaccess which initially was generated inside public folder (Its standard generated by composer i think)
# Disable directory browsing
Options All -Indexes
# ----------------------------------------------------------------------
# Rewrite engine
# ----------------------------------------------------------------------
# Turning on the rewrite engine is necessary for the following rules and features.
# FollowSymLinks must be enabled for this to work.
<IfModule mod_rewrite.c>
Options +FollowSymlinks
RewriteEngine On
# If you installed CodeIgniter in a subfolder, you will need to
# change the following line to match the subfolder you need.
# http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritebase
# RewriteBase /
# Redirect Trailing Slashes...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Rewrite "www.example.com -> example.com"
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
# Checks to see if the user is attempting to access a valid file,
# such as an image or css document, if this isn't true it sends the
# request to the front controller, index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([\s\S]*)$ index.php/$1 [L,NC,QSA]
# Ensure Authorization header is passed along
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
<IfModule !mod_rewrite.c>
# If we don't have mod_rewrite installed, all 404's
# can be sent to index.php, and everything works as normal.
ErrorDocument 404 index.php
</IfModule>
# Disable server signature start
ServerSignature Off
# Disable server signature end

Remove CI4 public/index.php with .htaccess rewrite rule on subdomain/folder

I have a subdomain called test.mysite.com and I have a CI4 installation inside a folder there called project. So the actual url for the CI4 installation is test.mysite.com/project/public/index.php. I want to remove the public/index.php portion from the url but continue to use the public folder to have my files, as they should.
I'm using this .htaccess on the project folder root:
DirectoryIndex /public/index.php
RewriteEngine on
RewriteCond $1 !^(index\.php|images|assets|css|js|robots\.txt|favicon\.ico)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ ./public/index.php/$1 [L]
<IfModule mod_headers.c>
<FilesMatch "\.(ttf|ttc|otf|eot|woff|woff2|font.css|css|js)$">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
</IfModule>
But it's not working. When I access test.mysite.com/project it leads me to a server list of files. I know the .htaccess file is being properly read because when I add an error there it gives me a warning
EDIT:
CI4 already comes with an htaccess inside the public folder:
# Disable directory browsing
Options All -Indexes
<IfModule mod_rewrite.c>
Options +FollowSymlinks
RewriteEngine On
# If you installed CodeIgniter in a subfolder, you will need to
# change the following line to match the subfolder you need.
# http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritebase
# RewriteBase /
# Redirect Trailing Slashes...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Rewrite "www.example.com -> example.com"
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
# Checks to see if the user is attempting to access a valid file,
# such as an image or css document, if this isn't true it sends the
# request to the front controller, index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([\s\S]*)$ index.php/$1 [L,NC,QSA]
# Ensure Authorization header is passed along
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
<IfModule !mod_rewrite.c>
# If we don't have mod_rewrite installed, all 404's
# can be sent to index.php, and everything works as normal.
ErrorDocument 404 index.php
</IfModule>
# Disable server signature start
ServerSignature Off
# Disable server signature end

When I access test.mysite.com/project it leads me to a server list of files
Because your DirectoryIndex is set to /public/index.php (which presumably does not exist, as the index document is located at /project/public/index.php) and directory indexes (mod_autoindex) is presumably enabled (it should be disabled, so that such a request results in a 403 Forbidden).
the difference is that the other website that is working is not on a subdomain and it’s on the root, so it’s not the same htaccess
I'm not sure why it would be any different?
With the .htaccess file in the /project subdirectory, arrange your mod_rewrite (and mod_dir) directives like this instead:
DirectoryIndex index.php
Options -Indexes
RewriteEngine on
RewriteCond $1 !^public/(index\.php|images|assets|css|js|robots\.txt|favicon\.ico)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.*) public/index.php/$1 [L]
The presence of robots\.txt and favicon\.ico in the first condition implies you are rewriting requests from the document root. Since search engines request /robots.txt (in the document root), not /project/robots.txt (or /project/public/robots.txt). The same applies to /favicon.ico. If you are not rewriting these two requests then these two entries are not required.
This also assumes you are linking directly to your static resources using the public subdirectory. eg. /projects/public/images/foo.jpg. This isn't necessarily desirable since it exposes /public in the URL path. Users won't necessarily see this as it's not directly visible in the browser's address bar, but search engines and anyone who views the HTML source / network traffic will see it.
Just to add, that first condition (ie. RewriteCond directive) is "just" an opimisation. If it's set incorrectly, your site will probably work OK and you won't see a difference, except that it will be performing many more filesystem checks than it needs to do.
Alternative structure
An alternative approach is to have two .htaccess files. A basic /project/.htaccess file that simply rewrites everything to the public subdirectory and a more comprehensive (CI) .htaccess file at /project/public/.htaccess that actually routes the request to CI. This then allows you to omit public from all URLs, including URLs to your static resources.
For example:
/project/.htaccess
DirectoryIndex index.php
Options -Indexes
RewriteEngine On
# Unconditionally rewrite everything to the "public" subdirectory
RewriteRule (.*) public/$1 [L]
/project/public/.htaccess
The presence of mod_rewrite directives in the subdirectory .htaccess file naturally prevent a rewrite loop from the RewriteRule directive in the parent directory. (Assuming mod_rewrite inheritance has not been enabled.)
RewriteEngine on
RewriteCond $1 !^(index\.php|images|assets|css|js|robots\.txt|favicon\.ico)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.*) index.php/$1 [L]
<IfModule mod_headers.c>
<FilesMatch "\.(ttf|ttc|otf|eot|woff|woff2|font.css|css|js)$">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
</IfModule>

Working for years with Codeigniter 3 I had this issue too. First I tried the .htaccess road but after realizing Codeigniter 3 could also benefit from a more secure structure, I applied the same experience to Codeigniter 4.
The basic idea is to move the whole framework to a folder off the web root. And move the public folder to the root (WEBROOT can also be a subfolder under the public html folder)
PRIVATEFOLDER
\codeigniter:
\app
\vendor
\writable
WEBROOT
assets\
index.php
.htaccess
Then I'll modify index.php (and spark and preload.php if used). This will do in index.php:
// This is the line that might need to be changed... etc
define('ENGINEPATH', 'PRIVATEFOLDER/codeigniter');
require ENGINEPATH . '/app/Config/Paths.php';
And /app/Config/Paths.php to this:
namespace Config;
class Paths
{
public $systemDirectory = ENGINEPATH . '/vendor/codeigniter4/framework/system';
public $appDirectory = ENGINEPATH . '/app';
public $writableDirectory = ENGINEPATH . '/writable';
public $testsDirectory = ENGINEPATH . '/tests';
public $viewDirectory = ENGINEPATH . 'app/Views';
}
Now, set the $baseURL to the WEBROOT url and you should be able to navigate without index.php and public, and the app code is protected outside the public folder.

Block direct access to all the php files except some of them in codeigniter

I want to install another script beside Codeigniter in my server. The problem is that Codeigniter by default contains a .htaccess file which has got the code below to prevent direct access to php files:
# Hide all PHP files so none can be accessed by HTTP
RewriteRule (.*)\.php$ index.php/$1
How can I add some exceptions to this code?!
If my PHP file is in another folder than the folder which .htaccess is located, how should I have an exception for that?!
My Whole code looks like:
# set it to +Indexes
Options -Indexes
Options SymLinksIfOwnerMatch
# Set the default file for indexes
DirectoryIndex index.php
<IfModule mod_rewrite.c>
# mod_rewrite rules
RewriteEngine on
# If the file is NOT the index.php file
RewriteCond %{REQUEST_FILENAME} !index.php
# Hide all PHP files so none can be accessed by HTTP
RewriteRule (.*)\.php$ index.php/$1
# If the file/dir is NOT real go to index
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [QSA,L]
</IfModule>
# If Mod_ewrite is NOT installed go to index.php
<IfModule !mod_rewrite.c>
ErrorDocument 404 index.php
</IfModule>

Add another exclude condition like this:
# If the request is not from /some-folder/
RewriteCond %{REQUEST_URI} !^/some-folder/ [NC]
# If the file is NOT the index.php file
RewriteCond %{REQUEST_FILENAME} !index.php
# Hide all PHP files so none can be accessed by HTTP
RewriteRule ^(.*)\.php$ index.php/$1 [L,NC]

this might help - put your codeigniter folders one level up, above the html files.
i'm going to show this by also renaming the ci folders slightly
/ /html/site files are here
/applicationbeta/html/
/systemci2 /html/
in the site files, make a folder, for example 'website'
put your codeigniter index.php file in it
put any of your assets like css and js in it
/html/website/index.php
/html/website/assets/
then in your index.php file change the path to your system and application folders
i've renamed them to show how easy it is to make different versions
$system_path = '../../systemci2';
$application_folder = '../../applicationbeta';
put a base url config in index.php -- that will deal with the website folder and will make all your links correct.
$assign_to_config['base_url'] = 'http://domain.com/website/';
the htaccess file in the folder website should contain a line like
RewriteRule ^(.*)$ /website/index.php/$1 [L]
Many many advantages to doing it this way. INCLUDING -- not having to worry about base_url() settings for development versus deployment servers.
i just scanned a long tutorial on how to dynamically set base_url with lots of code. But if you just set it in the index.php file - you never have to worry about it - because the index.php file location - never changes!

URL Rewrite - Not from .htaccess - Magento

Looking for a bit of help as ending up going round in circles trying to understand where the problem may lie.
We recently had our magento side on www.domain.com which would shop through rewrite rules as:
"domain.com/"
This was correct.
However, as we are targeting the UK market, the site being relatively new we decided to buy up the .co.uk domain and make the switch. Making it www.domain.co.uk, this was all changed correctly in the magento database/backend yet this now starts showing:
"domain.co.uk"
Missing the forward slash on the end.
I have confirmed in the mysql database that the URL has a slash, and have even turned off mod_rewrite from the .htacess, yet there is still a rewrite occurring from somewhere.
It seems like forever since I set this up on the previous site to remove the "http://" and add the forward slash, but I can't remember how or where I set this.
If anyone could point me in the right direction that would be greatly appreciated.
Kind Regards
Edit : Below is the code for rewrite:
<IfModule mod_rewrite.c>
############################################
## enable rewrites
Options +FollowSymLinks
RewriteEngine on
############################################
## you can put here your magento root folder
## path relative to web root
RewriteBase /
############################################
## uncomment next line to enable light API calls processing
# RewriteRule ^api/([a-z][0-9a-z_]+)/?$ api.php?type=$1 [QSA,L]
############################################
## rewrite API2 calls to api.php (by now it is REST only)
RewriteRule ^api/rest api.php?type=rest [QSA,L]
############################################
## workaround for HTTP authorization
## in CGI environment
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
############################################
## TRACE and TRACK HTTP methods disabled to prevent XSS attacks
RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
RewriteRule .* - [L,R=405]
############################################
## redirect for mobile user agents
#RewriteCond %{REQUEST_URI} !^/mobiledirectoryhere/.*$
#RewriteCond %{HTTP_USER_AGENT} "android|blackberry|ipad|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC]
#RewriteRule ^(.*)$ /mobiledirectoryhere/ [L,R=302]
############################################
## always send 404 on missing files in these folders
RewriteCond %{REQUEST_URI} !^/(media|skin|js)/
############################################
## never rewrite for existing files, directories and links
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
############################################
## rewrite everything else to index.php
RewriteRule .* index.php [L]
</IfModule>

make sure you update all instances of the web/unsecure/base_url & web/secure/base_url in the core_config_data table, I'd suggest searching this table for all values like %domain.co.uk%.
Also delete the cache folder as some config values aren't completely removed with the admin Clear cache button.
Are you sure there is an actual redirect happening? Try using this site http://redirectcheck.com to see if you are actually being redirected. Some browsers will not show the http:// or trailing / so it may not be an actual issue.
If you need to redirect non-www to www add the following lines to your .htaccess file below " RewriteEngine on"
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

Htaccess rewrite in Magento

i'm trying to remove a certain string ".html" from our urls
current example url:
http://www.buildingmaterialsonline.com.au/insulation/by-brand/pink-batts/l/price-6,10///.html?dir=asc&order=price
to:
http://www.buildingmaterialsonline.com.au/insulation/by-brand/pink-batts/l/price-6,10///?dir=asc&order=price
my current htaccess file is :
############################################
## enable rewrites
Options +FollowSymLinks
RewriteEngine on
#If request contains ref param
RewriteCond %{THE_REQUEST} \?([^&\ ]+).html= [NC]
#redirect to URL without the html param
RewriteRule ^ %{REQUEST_URI}?%1 [L,R=301]
############################################
## you can put here your magento root folder
## path relative to web root
#RewriteBase /magento/
############################################
## workaround for HTTP authorization
## in CGI environment
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
############################################
## always send 404 on missing files in these folders
RewriteCond %{REQUEST_URI} !^/(media|skin|js)/
############################################
## never rewrite for existing files, directories and links
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
############################################
## rewrite everything else to index.php
RewriteRule .* index.php [L]
</IfModule>
any help would be appreciated

You don't need to use htaccess to do this.
Magento has an option in the back end to add these suffixes. It's .html by default.
This article goes through how to change it:
http://php.quicoto.com/how-to-remove-html-from-magento/

There is a simple option provided by Magento to remove .html from Category and Product URLs.
You don't need to any thing with .htaccess.
Go to System --> Configuration
Then Click on Catalog in Left Menu.
Then under "Search Engine Optimizations" tab, remove ".html" from "Product URL Suffix" and "Category URL Suffix".
Click on "Save Config" button.
Note: If you want you can set any other suffix for these entries.