For testing I hosted my website on free server from 000webhost.com
They have a directory structure:-
(root folder) \
(public folder) \public_html
this directory structure enables to keep all the library files in root folder and all public data in \public_html, so I developed my website accordingly, and my final structure looked like:-
/
/include(this folder contains library files)
/logs(log files)
/public_html
/public_html/index.php
/public_html/home.php
/public_html/and other public files
on 000webhost makes only public_folder available to be accessed via url and my url looked neat and clean like
www.xample.com/index.php
or
www.example.com/home.php
but after completion of development I moved website to shared host purchased from go-daddy.com, now they do not have any such kind of directory permission, all the files are kept in root folder and are accessible via url also url has become like:-
www.example.com/public_html/home.php
or
www.example.com/public_html/index.php
How should I redirect url request to public_html folder again so as to make library file unavailable to public access and make url neat and clean.
Does Godaddy allow you access to Apache?
If so you might be able to modify document root in such a way that the public folder is on the same level as the library and log folders.
Otherwise you will be left in the same situation as many other who use shared hosting and have to protect your folders with .htaccess files.
Related
In hosting, there are folders of a.mysite.com, b.mysite.com, c.mysite.com ....z.mysite.com within the root folder of mysite.com, and each site file is stored.
What I want is without installing all robots.txt files in each subdomain folder.
It is to install only one in the mysite.com root folder and share it all. Because all you need is a robots.txt file in its most basic form.
so in the end
When connecting to a.mysite.com/robots.txt, b.mysite.com/robots.txt, etc., you want to be properly connected to the robots.txt file.
I have a install that has a web folder that has the website stored in this. How can I make the domain load from this folder within the public_html folder.
The domain is like: sub.domain.co.nz
Don't put the entire Symfony project under the public_html folder - this will cause all of the project files to be accessible over the web, including .yml files that include sensitive information like database passwords!
Put the Symfony project files in a folder that is not web accessible. Then configure your web server so that the DocumentRoot points to the path of the web folder of the Symfony project, and also modify the paths of all the aliases.
I read moodles documentation where it says that if the data root directory has to be in the site's public html folder ( Please see that i can not create it outside it since i dont have sufficient privileges as i am using a free account ). then you have to chmod it to 770 and also use htaccess to protect it.
Now i am creating the moodle inside my domain at folder /moodle/
and moodle uploads folder is /moodle-uploads/uploads/
and i have an .htaccess setup in /moodle-uploads/.htaccess
where its contents are
order deny,allow
deny from all
as specified on
http://docs.moodle.org/20/en/Creating_Moodle_site_data_directory
But still when i run the auto installer script it says the data root directory is not secure
This is not the best way of doing it but coding hack to just get rid of this error if you like try it..,
in moodle root go the install.php and if you are using 2.6 in line 341 or others versions search for is_dataroot_insecure() function and change it to false in the else if condition and try to install again,and that it..,
By default its going to give you warning for having it in the public html folder as according to the docs in the link you also provided.
Remember that by default moodle will issue a warning about moodle data
directories created inside the web directory, but otherwise this
directory can be located where you wish. You can later move or change
the location of this directory, but if you do, be sure to edit the
setting in the config.php file that sets this; e.g. if moodledata is
under a directory called data, then it would look like this:
As long as you have configured the dataroot location with the moodle data directory and placed your .htaccess file in that folder it should be fine.
i'm using moodle 2.4.1 and had a some problem. the solution open install.php file and search for statment
} else if (is_dataroot_insecure()) {
and disabled.
it's work for me
I have installed the plugin 'Advanced Search Plugin Like Facebook Search' of younet and I noticed the error that application/modules/Core/externals/scripts/ynadvsearch.php is not found.
Then I checked the location and the file was there. So I uploaded a test.php file and typed the url in address bar then also I could not access the test.php page. But I am able to access all the js pages on that folder.
I have deleted the htaccess file of external folder. But the issue remains the same.
How can we fix this?
It's a little weird, usually /externals/scripts folder is used only for javascript-files (and all php-files - inside of /controllers folder).
File .htaccess inside of /externals folder contains a rule
<FilesMatch "\.avi|flv|mov|wmv|wma|mp3|mp4|m4a|mkv|swf|pdf|doc|ppt|ico|jpg|jpeg|png|gif|js|css)$">`
It means that *.php files are not allowed for access inside of this folder.
I am in a shared hosting and I have made some space for my friend to host his website. As i know the power of a simple php script, I want to restrict my parent folder being accessed by Sub folder files. What this actually mean is, "My friend would have access to his domain folder only". He can neither include any file outside his root directory nor list the files.
public_html/ is the root of my directory
public_html/myfriend.com/ is the root of my friendss directory
I want to learn both.
01: public_html/ can be accessed by all the files except the files in folder myfriend.com/
02: public_html/ can be accessed no file in sub directories.
This would help me a lot.
Reminder: As a shared hosting holder, I don't have access to httpd.conf
Any way With httpd.conf or Without httpd.conf?
Well, it is all done server-side, so why not to create you friend seperate FTP User, MySQL user, restrict access to SSH and in FTP settings make /public_html/friendzone the root folder of his FTP User?