How Do I Make The Web Folder The Root?

vbmark · April 25, 2014, 6:05am

I downloaded the basic template and put the files in the root of my domain…

mysite.com

/ assets

/ commands

/ config

.

/web

This is on a shared server so I can’t create virtual hosts.

All the files must remain under mysite.com but I don’t want to have to do mysite.com/web

I just want to do mysite.com

Is this possible?

Thank you.

rooney10 · April 25, 2014, 6:49am

Take a look at this extension:

http://www.yiiframework.com/extension/yii2-app-practical/

It is a modified version of the advanced template which should be exactly what you want.

You can always change the basic template according to the changes in that extension too

levanlau · April 25, 2014, 8:01am

Hello,

You can refer this link:

aaronfrancis.com/blog/2014/1/9/hosting-an-advanced-yii2-application-on-heroku

Good luck.

samdark · April 25, 2014, 8:17am

Can you write files to outside of the webroot?

levanlau · April 25, 2014, 8:51am

No,

I don’t move any files.I only edit .htaccess file as content of that link.However,it done with Yii2-basic but Yii2-advance is not.

samdark · April 25, 2014, 9:04am

The question is if you can. Usually at shared hosting you can move out of webroot at least one level up.

levanlau · April 25, 2014, 10:01am

No,i can’t, because it will have error css.

vbmark · April 25, 2014, 11:39am

Samdark,

Yes, I am able to write to the sibling folder but the reason I would rather not is because I have two other domains and an app in a folder on that shared host so I would prefer to keep all of a domain’s files under its domain folder.

Do you have an opinion about the yii2-app-practical extension recommended by rooney10? I’ve been burned by extensions before but if this is a safe and secure solution I’ll give it a try.

What do you recommend?

Thank you!

samdark · April 25, 2014, 3:37pm

It is not extension but application template. Looks not much different from official app to me but, of course, it’s better to review it before using.

vbmark · April 25, 2014, 9:27pm

OK, thank you.

Alright, this seems to work.

However, if I do something like


mysite.com/console

then I get a directory listing.

Should this template protect against that?

kartikv · April 26, 2014, 5:22am

You need to control this through your web server security (e.g. you can use .htaccess for apache). Typically you can set this at your app root level which will work hierarchially.

IMO… this should be done irrespective of the template (including basic or advanced) you are using.

For example you can create a .htaccess file in your console folder containing:


deny from all

, which will restrict access to the console. You can also set a master .htaccess at app root for all folders below.

I will edit the yii2-app-practical template to include maybe a sample .htaccess with some common security rules inbuilt. This will benefit people using Apache.

kartikv · April 26, 2014, 5:38am

I pushed in a default .htaccess to the yii2-app-practical template for Apache web server security (which one can edit if needed).

If you try a reinstall of the yii2-app-practical template it should now restrict accesses.