All geek questions in one place

.ENV visible

I am using Laravel 5.1

I recently uploaded my project on shared hosting. but when I browse http://siteAddress.com/local/.env, my .env file is visible.

Is there a way to hide this file or redirect people if they want to view a site with a folder view?

+10
source share
5 answers

Finally, I will hide .envand disable the index of the folder with the name local. I create .htaccessin a folder local.

And here is the code .htaccess

# Disable index view
Options -Indexes

# Hide a specific file
<Files .env>
    Order allow,deny
    Deny from all
</Files>
+18
source

Please create a file .htaccesswhere you have a .env file, and write the code as shown below:

# STRONG HTACCESS PROTECTION
<Files ~ "^.*\.([Ee][Nn][Vv])">
 order allow,deny
 deny from all
 satisfy all
</Files>

Then try hitting the .env file from the URL and it will not be available and will show the codes inside.

github.

, .gitignore .

.env
+10

.env public, , public .

:

, , , .env , . - , . - , , , , , .

https://laracasts.com/discuss/channels/general-discussion/how-do-you-protect-env-file-from-public

Check the folder structure on your hosting and make sure that the folder publicis the root of the document.

+2
source

Just go into your shared folder and open the .htaccess file and put your code right before that. And move this file to local

<Files .env>
    Order allow,deny
    Deny from all
</Files>
0
source

You can add the following code to your .htaccess file to disable the directory listing and restrict access to the .env file:

# Disable Directory listing
Options -Indexes

# block files which needs to be hidden, specify .example extension of the file
<Files ~ "\.(env|json|config.js|md|gitignore|gitattributes|lock)$">
    Order allow,deny
    Deny from all
</Files>
0
source

Source: https://habr.com/ru/post/1611197/

More articles:


All Articles