Reputation: 747
Why app_dev.php is available in production?
I have production website and notice that can be also accessed using app_dev.php in the url with debug toolbar. Under apache vhost I have:
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ app.php [QSA,L]
</IfModule>
How to disable app_dev.php on production?
Upvotes: 0
Views: 1666
Answers (2)
Reputation: 126
I would say you shoudn't have app_dev.php in production, it should be removed when you build the project.
Or what you could do instead of removing it, is to use environment variable to defined what is the SYMFONY_ENV and to use in the app_dev.php, if it's not dev, then you should denied or redirect.
Upvotes: 1
Reputation: 4397
app_dev.php is available beacuse:
- File exists
- Access to the file is allowed.
What you should do is either to remove the file or forbid access to it from .htaccess
Also, on app_dev.php there should be a line only allowing access from certain IP addresses (althought previous solutions are more robust).
Upvotes: 0
Related Questions
- symfony2 fresh installation test : app_dev.php works but app.php get redirection. Why prod doesn't work?
- Why does Symfony 2 use app_dev.php instead of one front controller?
- How to remove "web/app_dev.php" from Symfony2 URLs?
- Symfony2 - How can I remove 'web/app_dev.php/' from my url?
- Symfony2 and production environment - allways displays app_dev in links
- Symfony2 cant access app_dev.php unless removing .htacess file in web folder
- From development (app_dev.php) to production (app.php) in Symfony2
- disabled app and app_dev.php on my server prod Symfony 2.3
- Symfony2 app.php works but not app_dev.php
- Symfony 2 app.php vs app_dev.php