Well I didn’t find a way to move cakephp above (www, htdocs, etc)
Please refer to Remove cakephp 3.4 from webroot how to
I did however:
- Made a folder above htdocs (even with apache) named cake34up
- Put tmp\cache in that folder
- Put logs there also
- Created a file to house the salt and db password named salt.php
Now in cakephp (the folder inside htdocs) in the configs I,
include ROOTUP . "salt.php";
///paths.php define('DIR', '/cakephp/'); //at bottom /** * Path to the temporary files directory. */ define('TMP', ROOTUP . DS . 'tmp' . DS); /** * Path to the logs directory. */ define('LOGS', ROOTUP . 'logs' . DS); /** * Path to the cache files directory. It can be shared between hosts in a multi-server setup. */ define('CACHE', TMP . 'cache' . DS); //////do cache also///////////////////////
index.php define('ROOTUP', realpath(__DIR__ . '/../../../cake34up') . DIRECTORY_SEPARATOR);
app 'username' => 'root', 'password' => $password, 'database' => 'tjhs2', 'encoding' => 'utf8', 'timezone' => 'UTC', 'flags' => , 'cacheMetadata' => true, 'log' => false,
Notice I use $password, which I get from cake34up.
So the secure items are housed in cake34up, please let me know if this is secure. Seems cake is fairly secure anyway, but just some extra precautions.