requesting help on step 3 of the install directions re: renaming/moving the '_protected' directory in web root

Question

requesting help on step 3 of the install directions re: renaming/moving the '_protected' directory in web root

Opened this issue a year ago · 0 comments

just downloaded and installed ph7builder today! post-install, the app seem to be working. (i've successfully logged in to admin and client-side of the app.)

However, i initially had an issue when attempting to implement step 3 of the install directions re: renaming/moving the '_protected' directory in web root.

step 3 of the "https://ph7builder.com/doc/en/install" doc says:

"For optimal security Rename the "_protected" folder or move it outside the root of your server."

i had to skip step 3 to get the app to function. the issue was, if i merely renamed the folder or simply removed it from the web root entirely, the site throws errors because it says it needs content from the '_protected folder'; for example, this error that of course pops up immediately because bootstrap.php comes from that folder:

"Warning: require(C:\xampp\apps\myhostname\htdocs_protected\app/Bootstrap.php): Failed to open stream: No such file or directory in C:\xampp\apps\myhostname\htdocs\index.php on line 39

Fatal error: Uncaught Error: Failed opening required 'C:\xampp\apps\myhostname\htdocs_protected\app/Bootstrap.php' (include_path='C:\xampp\php\PEAR') in C:\xampp\apps\myhostname\htdocs\index.php:39 Stack trace: #0 {main} thrown in C:\xampp\apps\myhostname\htdocs\index.php on line 39"

therefore, i'm now thinking that possibly "renaming" or "moving" '_protected' may actually involve something along the lines of redirecting/re-pathing elements so that the files in the folder can be used yet still be further secured.

so, would anyone please be kind enough to explain how one can properly rename or move the '_protected' directory so as to increase security yet maintain complete site functionality?

(note: for development purposes, currently running latest ph7builder release on latest xampp win64 platform. will of course use something server other than xampp when actually going live. am i correct in assuming the process for securely renaming/moving '_protected' out of root will be similar between webserver platforms? if not, please also clarify any general differences that one might encounter in doing so as well if at all possible.)

thank you very much for any time and assistance you can give! :)