Reputation: 121
Where exactly to place codeigniter files
I've been using codeigniter for a few months, and for my first couple projects I've just put all the files in the root. It's working okay that way, but a reading of the manual suggests for security reasons the system and application files should be moved--while index.php should be in the root.
I'm starting a new project, going back and reading the directions again, and trying to do exactly what they say to do this time. However, I'm having trouble understanding the following instructions, given in this page of the manual:
- "Install the CodeIgniter folders and files to your server. Normally the index.php file will be at your root."
- "For the best security, both the system and any application folders should be placed above web root so that they are not directly accessible via a browser."
So, reading this, I don't really understand exactly where I am supposed to put the files. Currently, as unzipped, it's a folder I've called codeigniter, with the all the ci files: system, application, user guide, index.php etc.
So my new Web site currently has this structure: --www.mywebsite.com ------Public
Should I make it this?
--www.mywebsite.com
-----codeigniter
--------application
--------system
--------assets
--------user manual
-----------Public
______________index.php
So basically only index.php would be in my root? (And maybe assets and user manual if I want?)
I did read somewhere that if I move system and application files I need to change their path--that should be easy enough, but I want to make sure I am correctly understanding what the ci manual is suggesting before I invest all the time in making the new setup work properly.
Any help would be much appreciated!
Upvotes: 1
Views: 1774
Answers (1)
Reputation: 38584
you can do something like this
www.mywebsite.com (folder where its located/root) - (Ex: If AWS - /opt/webapps/mysite/)
other
- application
- system
- assets
index.php
.htaccess <-- mainly to remove index.php from URL and other stuffs as well
then in index.php (on root)
$system_path = 'other/system'; # Line 100
$application_folder = 'other/application'; # Line 117
When calling CSS/JS/Images on assets folder
<link rel="stylesheet" type="text/css" href="<?php echo base_url()?>other/assets/boostrap.css">
Hence you can revoke permission to System folder with the help of .htaccess. (They(Codeigniter Team) already did that). If you open system folder there is file called .htaccess. Open it you can see something like this
<IfModule authz_core_module>
Require all denied
</IfModule>
<IfModule !authz_core_module>
Deny from all
</IfModule>
What I suggest you to do from security
- Set
base_url()correctly - Use Codeigniter Input methods. (to prevent injections. read more on this)
Resources of links
Upvotes: 1
Related Questions
- How do I use codeigniter in a subfolder on a server?
- codeigniter folder structure on webserver
- Codeigniter3: What are the core directories required?
- CodeIgniter: Placement of .htaccess file
- Where to Place/Manage files in CodeIgniter
- Setup the file directories and file permissions in codeigniter 2.1.4
- Where downloads folder should be placed in CodeIgniter
- Why are CodeIgniter application files in the public_html folder?
- How to use folders in Codeigniter?
- CodeIgniter, newbie questions