htaccess and /public_html/

#1
[eluser]ironlung[/eluser]
Hi there I have been looking at htaccess help sites for a few hours and feel dizzy Smile


I have a webserver that just gives me a root directory, I have no /html/ or /public_html/ subdirectories. I want to create /public_html/on there, place my index.php in there and then create /application/ and /system/ directories off the root, this would give me the required security setup recommended in the guidelines for CI.

All this is working at home in my dev environment to be honest I think I need help first with how to redirect all requests from the server root to /public_html/ via a .htaccess file first.

I hope my query isn't too confusing, I know I am Sad

Regards

#2
[eluser]jedd[/eluser]
I think on later versions of Apache (are you using apache - you didn't actually mention what web server you're using - this is probably important information if you're asking how to reconfigure a web server Wink you need the userdir module.

You might find there are some config sections in your apache config directories that are either commented out, or in a sub-directory of 'available' rather than 'enabled' mods.

This is probably moot if you don't have access to the server's primary configuration, as you can't just put an .htaccess file in a directory that Apache doesn't use, and hope that it'll stumble across it.

On my Debian box, the config for userdir looks like this. It, of course, assumes that users home directories are under /home/

Code:
UserDir public_html
        UserDir disabled root

        <Directory /home/ASTERISK-REMOVED-BY-FORUM/public_html>
                AllowOverride FileInfo AuthConfig Limit Indexes
                # Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
                Options MultiViews Indexes FollowSymLinks IncludesNoExec
                <Limit GET POST OPTIONS>
                        Order allow,deny
                        Allow from all
                </Limit>
                <LimitExcept GET POST OPTIONS>
                        Order deny,allow
                        Deny from all
                </LimitExcept>
        </Directory>

#3
[eluser]ironlung[/eluser]
Wow that's a fantastically speedy reply thanks, the hosting company say I can use an htaccess file in my root directory to achieve what I want to achieve but then sopped short of telling me what to put in it. I don't have direct access to the apache config perse.

#4
[eluser]jedd[/eluser]
So your hosted site is set up to allow multiple users within .. that is, you have a whole virtual machine effectively?

The 'apache config' files - you will need to access those in order to do what you're trying to do. Though, I think what you're trying to do may be surplus to requirements - if you just want a place to experiment, then make a /devel/ directory off web-root and work your projects in there. The username/public_html (giving url's like: http://site.com/~username ) is particularly handy for larger sites with lots of users hanging off a single Apache instance.

If you do want to proceed with user-dir stuff, and you are not sure what apache access you have, then make a phpinfo.php page, browse to it, and confirm userdir module is loaded. That'll be the first step.

#5
[eluser]ironlung[/eluser]
Great thanks i'll start on that now....

#6
[eluser]ironlung[/eluser]
According to this article http://perishablepress.com/press/2008/10...-htaccess/ I should just have to do this place this ina .htaccess in the root dir RedirectMatch 301 ^/public_html/$ http://domain.tld/ obviously changing domain.tld for my domain and I should be away. It doesn't seem to work and the hosting company are being a pain about getting back to me.

They say htaccess is enabled ......

I also tried to pull the phpinfo page and it came up blank lol


not a good afternoon for me Smile

#7
[eluser]Daniel Moore[/eluser]
[quote author="ironlung" date="1238450697"]According to this article http://perishablepress.com/press/2008/10...-htaccess/ I should just have to do this place this ina .htaccess in the root dir RedirectMatch 301 ^/public_html/$ http://domain.tld/ obviously changing domain.tld for my domain and I should be away. It doesn't seem to work and the hosting company are being a pain about getting back to me.

They say htaccess is enabled ......

I also tried to pull the phpinfo page and it came up blank lol


not a good afternoon for me Smile[/quote]

From what I understand, you have a site where the root url, http://www.example.tld, is linked to a path like /home/content/username/.

What you are trying to achieve, if I understand you correctly, is to make http://www.example.tld link to /home/content/username/public_html/.

If this is correct, then that particular article you referenced here does not tell you how to do what you have explained you want to do. That article tells you how to redirect a subdirectory, like http://www.example.tld/blog/ to http://www.example.tld/ but your host will still have http://www.example.tld pointed to /home/content/username/. This will not resolve the security issue you were concerned about.

It is perfectly acceptable to place your system folder at http://www.example.com/system/ if you put the proper safeguards in place. What I generally do, is place a .htaccess file in the /system/ directory when I am forced to set up a site like this, and have the following in the .htaccess file:
Code:
Deny from all

That should prevent people from browsing or directly linking to any files within that directory structure and should satisfy your recommended security requirements.

As far as changing where your domain actually points to on the server path, I have no idea how that can be done in the .htaccess. If anyone does know how to do it when you don't have access to the Apache configuration file, then please fill me in as well.

As far as phpinfo not working, sounds like you must have made an error somewhere.

#8
[eluser]ironlung[/eluser]
Excellent thanks for your replies

I worded my original request badly perhaps but what my hosting service didn't supply /public_html/ as the root directory and I wanted to put /public_html/ and /application/ and also in my case /system/ off of the root directory but have the /public_html set as the root for serving http requests.

I have placed a .htaccess in the root directory containing the following

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^/public_html
RewriteRule (.*) /public_html/$1


this more or less achieves what I want - i think I still have to protect the system/ and application directories but I can do that easily with the deny from all statements as above.


thanks for all your help guys...


regards


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.