diff options
| author | Harald Eilertsen <haraldei@anduin.net> | 2024-07-07 11:27:09 +0200 |
|---|---|---|
| committer | Harald Eilertsen <haraldei@anduin.net> | 2024-07-07 11:27:09 +0200 |
| commit | 24b41331efb09953aa606904c293f5a44714ac94 (patch) | |
| tree | e37124f21106159c8136a8872cdd443564d205ea | |
| parent | 3744f1eb8a85e5d55e9de8d616845c800fe39273 (diff) | |
| download | volse-webtrap-24b41331efb09953aa606904c293f5a44714ac94.tar.gz volse-webtrap-24b41331efb09953aa606904c293f5a44714ac94.tar.bz2 volse-webtrap-24b41331efb09953aa606904c293f5a44714ac94.zip | |
Move index.php file to public directory.main
This allows us to set doculemt root to the public directory, so that
there's less chance for shady actors to access the actual modules of the
system directly.
Just to be on the safe side, I added a new index.php file in the root of
the project, to return a forbidden status in case of a misconfigured
server.
| -rw-r--r-- | index.php | 4 | ||||
| -rw-r--r-- | public/index.php | 10 |
2 files changed, 12 insertions, 2 deletions
@@ -1,8 +1,8 @@ <?php + // SPDX-FileCopyrightText: 2024 Eilertsens Kodeknekkeri // SPDX-FileCopyrightText: 2024 Harald Eilertsen // // SPDX-License-Identifier: AGPL-3.0-or-later -require __DIR__ . '/vendor/autoload.php'; -require __DIR__ . '/src/process-request.php'; +http_response_code(403); diff --git a/public/index.php b/public/index.php new file mode 100644 index 0000000..98e78d3 --- /dev/null +++ b/public/index.php @@ -0,0 +1,10 @@ +<?php +// SPDX-FileCopyrightText: 2024 Eilertsens Kodeknekkeri +// SPDX-FileCopyrightText: 2024 Harald Eilertsen +// +// SPDX-License-Identifier: AGPL-3.0-or-later + +define('WEBTRAP_ROOT_DIR', dirname(__DIR__)); + +require WEBTRAP_ROOT_DIR . '/vendor/autoload.php'; +require WEBTRAP_ROOT_DIR . '/src/process-request.php'; |