+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: Installation & Setup (https://forum.codeigniter.com/forumdisplay.php?fid=9)
+--- Thread: Codeigniter 4 on shared hosting (NOT CPANEL) (/showthread.php?tid=77421)
Codeigniter 4 on shared hosting (NOT CPANEL) - alley - 08-30-2020
Hi. I finally started my CI4 journey and realised i need to test a simple running site before i rollout updates from CI3 across several domains.
I struggling to publish a Ci4 website to a shared hosting environment.
I read this post https://forum.codeigniter.com/thread-76777.html which it doesnt help me at all.
My directory structure is:
/example.com (home folder)
/.tmp
/users
/public_html
/www_logs
While i am able to add content to the home folder. Im guessing I dont have executable permission above the public folder and i am unable to change that.
I ran a test by echoing line 16 of public/index.php:
($pathsPath = realpath(FCPATH . '../app/Config/Paths.php');)
realpath returns false as noted here:
https://www.php.net/manual/en/function.realpath.php
Quote:Note:
The running script must have executable permissions on all directories in the hierarchy, otherwise realpath() will return
Furthermore, As someone else suggested in a similar thread.... I cannot change web hosts!
Is there a safe way around this?
RE: Codeigniter 4 on shared hosting (NOT CPANEL) - jreklund - 08-30-2020
You can place the content of /public alongside app, system, writable... and modify your index.php into:
PHP Code:
$pathsPath = FCPATH . '/app/Config/Paths.php';
You now got the same security as your CI3, and need to protect it in other ways, with e.g. htaccess, so people don't have access to the application part of the code.
RE: Codeigniter 4 on shared hosting (NOT CPANEL) - alley - 08-30-2020
Thank you very much. Its works as you suggested.
If you have a moment, can you please explain or suggest a link where I can find the problem with CI3's security that resulted in the change of folder structures. For as long as i have been using Ci3 I have never had a security issue so I am curious.
Also, as it is, without edited the .htaccess files, if you try to access to folders directly its displays the following message "Forbidden
You don't have permission to access this resource."
Is this not enough ?
RE: Codeigniter 4 on shared hosting (NOT CPANEL) - jreklund - 08-30-2020
Your welcome, happy coding!
In case your web server gets miss-configured and it dosen't read your .htaccess file or PHP for some reason don't evaluate your files, people can access everything from the url. That's what the extra security provides, you can't access those files under any circumstances from an url (as it's one level up) even if your web-server setting changes.
If everything are configured correctly - your .htaccess will give you the same(-ish) type of protection.