Set location of laravel .env

Question

So I just published a build of laravel to my production server. But the .env file was readable when I uploaded it. So I uploaded it to root of my site next to the public_html/ directory.

My question is: How to tell laravel where the .env file is located? It worked when I had it in the public_html/ folder but how do I tell it to look in the root folder?

Answer 1

Add code in bootstrap/app.php

$app = new Gecche\Multidomain\Foundation\Application(
    $_ENV['APP_BASE_PATH'] ?? dirname(__DIR__),
    dirname(__DIR__) . DIRECTORY_SEPARATOR . 'envfolder'
);

Answer 2

I ended up setting a symlink from public to public_html and everything worked as expected

Answer 3

Set env path in bootstrap/app.php:

$app->useEnvironmentPath($env_path);

for example, directory layout for my project:

 webapp 
 -laravel 
 -public
 -.env

Custom path to env file

$app->useEnvironmentPath(
  dirname(__DIR__, 2)
);

Answer 4

This way you can access .env file from other location, but it is not good for security.

your-project/bootstrap/app.php

$app = new Illuminate\Foundation\Application( realpath(DIR.'/../') );

$app->useEnvironmentPath(base_path('foldername/'));

add this code in .htaccess file for security

<Files .env>
order allow,deny
Deny from all
</Files>

Answer 5

What you need to upload to public_html is contents of public directory in Laravel installation including any JavaScript files, CSS files or images that should be accessible to client, everything else should be placed out of public directory.

Answer 6

As you can read in the official documentation, the .env file must be in the root directory of your Laravel app. There's no way to change the file location (and I think there's no point too).

Moreover, the root folder SHOULDN'T be a public folder, as .env shouldn't be exposed to a public access, otherwise the main security aim of it would be completely lost.