Let’s say we have the following schema:
root/
application/
-public/
index.php
css/
img/
javascript/
...
system/
...
I was thinking that if I create an .htaccess file in the root with the following rules:
RewriteEngine On
RewriteRule \.(css|jpe?g|gif|png|js|ico)$ - [L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ application/public/index.php?url=$1 [QSA,L]
I would be able to make other folder except public unable to be accessed. Assume index.php is the file that load all the file the application need and include and require them (with relative paths obliviously): the application is actually run in index.php and every public file such as css stylesheet, images or javascript script are in the public folder. So you, as user, cannot access the system folder because if you digit http://www.site.com/ it refers to root/application/public/. Am I right?
But the htaccess rule I set there does not work… If I put that htaccess in the root folder and I try to access the root folder the browser shows me the list of the file of the root folder (application and system). Why isn’t it working?
I used this while ago when index.php was in the root folder:
RewriteEngine On
RewriteRule \.(css|jpe?g|gif|png|js|ico)$ - [L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php?url=$1 [QSA,L]
and it worked just fine. Why isn’t the new one working?
My initial code was right. Except for the third line which obliviously considered / a folder and made me see it instead of redirecting to application/public/.
Commenting the third line everything worked fine.