我始终确保我的应用程序code，配置文件，日志等，都存放境外的根目录中。这只是常识。所以，我的项目结构看起来就像......

  / APP /
/配置/
/网络/
 

我的客户已经与GoDaddy，所以我愣神注册一个基本的Linux主机包与他们，实现他们不会让你访问上面的根目录一级或者改变你的根目录，以低一个级别了。

他们的技术支持的人刚刚告诉我，使在那里一个新的文件夹并将其命名为网络，做一个HTML重定向来表示。啊。最明显的问题，那么，有人可以简单地浏览到 mydomain.com/config/database.yml

所以，我非常接近，只是移动的主机，但我想知道如果任何人知道的一种方式（htaccess的我想），我可以透明地重定向所有的请求到mydomain.com以mydomain.com/web~~V代替。然后，确保没有文件可以在访问/应用/，/配置/等等...

在/ web /目录，我需要mod_rewrite的，因为它是一个symfony的应用程序。

编辑：我已经添加了下面的.htaccess我的项目的根目录

 选项全部-Indexes

＆LT; FilesMatch（htaccess的|的htpasswd | INI | PHP |登录|阳明海运）$。＆GT;
订购允许，拒绝
所有拒绝
＆LT; / FilesMatch＆GT;
 

这给了我一些信心。但我还是不希望人们不得不去：

  mydomain.com/somestupidsubfolder
 

解决方案

嗯，它是这样的hostings常见的问题，当你不能把你的源代码webroot_dir之外。这是不正常的安全性，但没有做......我们应该把它放到web根目录。

因此​​，让所有的源存储在工程目录：应用程序，高速缓存，配置，数据，lib目录，登录，插件，测试等。 项目目录保存在您的webrootdir名为'的httpdocs

index.php文件中包含类似的事情：

  require_once（目录名（__ FILE __）'/工程/配置/ ProjectConfiguration.class.php'）;
$配置= ProjectConfiguration :: getApplicationConfiguration（'前端'，'刺'，假）;
sfContext :: createInstance建立（$配置） - ＆GT;调度（）;
 

项目配置文件ProjectConfiguration.class.php包括：

  //完整路径，自动加载
require_once '/usr/local/www/vhosts/mywebsite.com/httpdocs/project/lib/symfony/autoload/sfCoreAutoload.class.php';
sfCoreAutoload ::寄存器（）;

类ProjectConfiguration扩展sfProjectConfiguration
{
  公共功能设置（）
  {
    $这个 - ＆GT; setWebDir（$这个 - ＆GT; getRootDir（）'/ ..'）; //＆LT;＆LT;＆LT;  - 这样做的伎俩
    $这个 - ＆GT; enablePlugins（...）;
  }
}
 

和不要忘记关闭你的源代码（项目DIR）与htaccess的。

GL

I have always ensured my application code, configuration files, logs, etc, are stored OUTSIDE of the webroot. It's just common sense. So, my project structures look something like...

/app/
/config/
/web/

My client is already with godaddy, so I stupidly registered a basic linux hosting package with them, before realising they don't let you access one level above your webroot OR change your webroot to one level lower.

Their tech support guy just told me to make a new folder in there and call it "web" and do a "HTML redirect" to that. ugh. The obvious problem then that someone could simply browse to mydomain.com/config/database.yml

So, I'm very close to just moving hosts, but I was wondering if anyone knows of a way (htaccess I suppose) that I can transparently redirect all requests to mydomain.com to mydomain.com/web instead. Then, ensure no files can be accessed within /app/, /config/, etc...

Within the /web/ directory I need mod_rewrite since it's a symfony app.

EDIT: I have added the following .htaccess to the root of my project

Options All -Indexes

<FilesMatch ".(htaccess|htpasswd|ini|php|log|yml)$">
Order Allow,Deny
Deny from all
</FilesMatch>

Which gives me some confidence. But I still don't want people to have to go to:

mydomain.com/somestupidsubfolder

Hm, it is common problem for such hostings when you cant to put your sources outside webroot_dir. It is not OK for the security, but nothing to do... we should to put it to web root.

So lets all sources are stored in 'project' dir: apps, cache, config, data, lib, log, plugins, test, etc. Project dir stored in your webrootdir named 'httpdocs'

index.php contains something similar:

require_once(dirname(__FILE__).'/project/config/ProjectConfiguration.class.php');
$configuration = ProjectConfiguration::getApplicationConfiguration('frontend', 'prod', false);
sfContext::createInstance($configuration)->dispatch();

project configuration file ProjectConfiguration.class.php contains:

//full path to autoload
require_once '/usr/local/www/vhosts/mywebsite.com/httpdocs/project/lib/symfony/autoload/sfCoreAutoload.class.php';
sfCoreAutoload::register();

class ProjectConfiguration extends sfProjectConfiguration
{
  public function setup()
  {
    $this->setWebDir($this->getRootDir() . '/..'); // <<<-- this does the trick
    $this->enablePlugins(...);
  }
}

and DO NOT FORGET to close your sources ('project' dir) with htaccess.

gl