I'm thinking of creating a very limited php microframework just for own use, however I came across a situation, most frameworks use a folder called public
and on the usually production servers we point this folder with DocumentRoot
through httpd.conf
.
The structures usually looks like this:
/home/user/projeto
├── data/
├── vendor/
├── application/
└── public/
├── .htaccess
└── index.php
Vhost looks like this:
<VirtualHost *:80>
ServerName myapp.localhost.com
DocumentRoot "/home/user/projeto/public"
<Directory "/home/user/projeto/public">
AllowOverride all
</Directory>
</VirtualHost>
But as in my case it's a simple microframework for personal use I thought of using the folder structure:
/home/user/projeto
├── index.php
├── .htaccess
└── exemplo/
├── application/
├── vendor/
└── data/
In this second example, /home/user/projeto/.htaccess
looks like this:
IndexIgnore *
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule "^exemplo/" "index.php" [L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
Note that I used RewriteRule "^exemplo/" "index.php" [L]
to prevent access to the contents of the exemplo/
folder where the project files, libraries, and classes are located, and the data/
folder that is used to write non-public data. Also if it is accessed like this: http://site/exemplo/
it will execute /home/user/projeto/index.php
.
The reason for wanting to use the second way is to make it easier to port the application to other servers without having to configure DocumentRoot
and restart Apache, making settings easier.
The question is:
- Using
RewriteRule "^exemplo/" "index.php" [L]
to prevent access to theexemplo/
folder where I have thedata/
,vendor/
, andapplication/
folders can be unsafe or could cause some other type of problem?