On 08.10.2007, at 15:07, Stefan Koopmanschap wrote: > > We currently have a different approach. All our _dev files are outside > the web directory. That way, it will never be available on our > production machines. If we need it on production for debugging > purposes, we simply temporarily copy/symlink the _dev file inside the > web directory, and once we're done, we remove the file. > > To prevent accidental deployment of _dev files to production, we also > have them (inside the web directory) excluded from rsyncing. Our > deployment strategy is not to checkout on production, but to checkout > locally and use the symfony sync command to deploy to the production > environment. > > Hopefully this is helpful?
hmm not really. i think kris's approach is the most viable approach for me atm. symlinking would be a problem. a hacker could then just try to create some issue on the web site and wait for the development frontend to become available. actually i would not be surprised if hackers already have scanners that look for development frontends for symfony (or any other framework that has similar capabilities). regards, Lukas --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en -~----------~----~----~----~------~----~------~--~---
