#not sure if this belongs in this file
#don't know what the path to mod_rewrite.so is
#LoadModule rewrite_module libexec/apache2/mod_rewrite.so
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^$ webroot/ [L]
RewriteRule (.*) webroot/$1 [L]
</IfModule>
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /home4/maureep0/public_html/mysitesfolder>
Options FollowSymLinks
AllowOverride All
Order Allow,Deny
Allow from all
</Directory>
Ok so, you don’t need that <Directory> stuff, that’s for a completely different file (httpd.conf) in case the original rewrites don’t take.
The .htaccess in root really only exists for your protection, in case you accidently publish that instead of your webroot folder. When you set your public folder (for what is seen when they go to the site) that is webroot which you “share”.
which is just saying if somehow a browser got to this folder then throw them to the public one. Its poor security as they could manually type in full paths if they knew it was a CakePHP app and perhaps find something they shouldn’t.
.htaccess is eye-of-the-beholder (although correct me if I’m wrong) in that its relative to what the client browser sees - written from their perspective.
Again that stuff RewriteBase shouldn’t be needed - only if you got a funky setup. So your .htaccess in your webroot need only be: -
for example here are my .htaccess files from project running on shared webspace at ionos:
in root directory:
<IfModule mod_rewrite.c>
RewriteEngine on
#the next 2 lines are only for forwarding to https
RewriteCond %{SERVER_Port} !=443
RewriteRule ^(.*)$ https://yourdomain.com/$1 [R=301,L]
# end of forwarding
RewriteBase /
RewriteRule ^(\.well-known/.*)$ $1 [L]
RewriteRule ^$ webroot/ [L]
RewriteRule (.*) webroot/$1 [L]
</IfModule>
Heh, no worries. I actually removed my https redirections in my post so as to not confuse, as there can be more work for that; getting a certificate etc. I also force redirect my website to https.
