Production style on a shared host

28 March, 2007

Show comments

Most websites written in cake will inevitably end up installed on a shared host. Shared hosts are a great compromise between freedom and cost but one of the things that you typically can't do is change the DocumentRoot (the physical directory on the server that corresponds to the url /). The manual explains how to change between a development (extract your cake files and go) style and a production style (nothing except files that should be directly accessible from the web are in the DocumentRoot) install but how you can apply this to a shared host may not be obvious; and this is what I'll try to explain here.

Why bother

It's unlikely to be a problem to use a development style install on a live site - but I stress the unlikely. That said it does mean that some files that should never ever be directly accessible can be accessed via a url. For any php file this is not a problem, you can't see the file only the output from it which means for example if you tried the url /app/config/database.php would just show at most a blank page. However, depending on the server settings this could mean that some potentially sensitive files (anything in the tmp folder) can be web-accessible effectively to anyone. So before you start logging "Bob logged in", "Bob changed his password to x" make absolutely sure that a curious user can't simply access your debug log and then log in as Bob and change all the prices for your products :) (a preemptive reply: no. I just have an active imagination).

The standard development install

So to start at the beginning, once upon a time.. no wait - wrong beginning :D. Ahem: Consider a new clean site on a shared host; where the DocumentRoot is on the server is 100% unimportant, as only relative paths will be used in this post (as I would recommend for reality as well), however it will be assumed that the server has a top level folder named DocumentRoot for simplicity.

A development install would therefore look something like this:

  • DocumentRoot
    • app
      • webroot (1)
        • .htaccess (2)
        • index.php (3)
      • .htaccess
      • index.php
    • .htaccess
    • index.php

The 'important' folder, index and .htaccess file has been marked. If you own the server, you could just change the DocumentRoot to point to the webroot folder, but if you don't have that option...

Production file locations

The goal here is to maintain a easy means of upgrading your cake app, and make only the files in or under the webroot folder directly accessible from the web. The truth is it's not very difficult to do :).

First, it is necessary to move some files around, create a folder to hold your files outside the DocumentRoot. Where it is, and what it is called is again, 100% unimportant.

In the example below I have created a folder named 'website_files' to house everything, and moved everything that was previously in the DocumentRoot into it. The second and last step is to copy the contents of the webroot folder back into the DocumentRoot so that there is a tiny cake presence to receive and process those url requests.

  • DocumentRoot (1)
    • .htaccess (2)
    • index.php (3)
  • website_files
    • app
      • views
    • vendors

Editing the index file

As might be obvious from the last dir layout, the index and .htaccess files that are no longer web accessible can be deleted. This leaves only the index (2) and .htaccess (3) file that were previously residing in the weboot folder. If you only move files and folders around, you will be unsurprised to discover that cake will not be able to find various files and it doesn't work; however with a single change to your index.php file to tell cake where your ROOT is - you're good to go again. Below is an example index file, with the definition for the ROOT constant modified. It is worth noting that a relative path has been used to define the root, which is good practice to make the files location independent - quite useful if your development machine file locations don't match your server, or runs a different operating system.

Wrapping up

By moving some folders around, it is possible to make a shared-hosted website more secure without introducing any complexity. Even if you have the option to change your DocumentRoot it may be desirable for one reason or another to modify the cake folder structure. A clear separation is made between the files that can be directly accessed, and those that can only be accessed via cake. If you can think of an improvement to this approach (although how something so simple can be improved I don't know :D), or do something slightly different, I'd be interested to know.

Bake on!