On Wed, Feb 10, 2010 at 1:41 PM, Gareth McCumskey <gmccums...@gmail.com>wrote:
> The problem with that arrangement is that in order to make it work > /www needs to be accessible by apache, and he subfolders, and > therefore that means that /www/application is also accessible by > apache and so creates a security risk for the application. > > The reason why symfony is structured like /application/web is that > only the web directory needs to be open to apache and the rest of the > application is securely stored above it where apache cannot access > files. > > Hope that helps a bit > > On Wed, Feb 10, 2010 at 9:34 AM, Tom Ptacnik <to...@tomor.cz> wrote: > > Shorter question :-) > > > > Did someone tryied to change project structure to: > > > > /www (web folder - index.php, .htaccess, css, js....) > > /www/application (rest of the application - apps,cache,config,....) > > > > and had some problems with that? > Yes, you can do it, just change the path to ProjectConfiguration.class.php in your controller (index.php), that should be it. *BUT*, as Gareth mentioned, making your dirs accessible by Apache creates some security issues. For example, after you do that visit yourdomain/application/config/databases.yml - assuming you have a database, you'll see the password there as clear text. You can (read: you *must*, if you do this) setup apache to deny access to that entire directory (/www/application). -- You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to symfony-us...@googlegroups.com. To unsubscribe from this group, send email to symfony-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en.
