Convert .env file to env.php to mask critical info

2017-12-17 01:10:49 -06:00 · 2017-12-17 01:10:49 -06:00 · 9105c45ad0
commit 9105c45ad0
parent 817d3262d4
8 changed files with 95 additions and 8 deletions
--- a/.htaccess
+++ b/.htaccess
@ -0,0 +1,40 @@
+# Disable index view
+Options -Indexes
+
+# Hide a specific file
+<Files .env>
+    Order allow,deny
+    Deny from all
+</Files>
+
+<Files env.php>
+    Order allow,deny
+    Deny from all
+</Files>
+
+# Hide a specific file
+<Files storage>
+    Order allow,deny
+    Deny from all
+</Files>
+
+<IfModule mod_rewrite.c>
+    <IfModule mod_negotiation.c>
+        Options -MultiViews
+    </IfModule>
+
+    RewriteEngine On
+
+    # Redirect Trailing Slashes If Not A Folder...
+    RewriteCond %{REQUEST_FILENAME} !-d
+    RewriteRule ^(.*)/$ /$1 [L,R=301]
+
+    # Handle Front Controller...
+    RewriteCond %{REQUEST_FILENAME} !-d
+    RewriteCond %{REQUEST_FILENAME} !-f
+    RewriteRule ^ index.php [L]
+
+    # Handle Authorization Header
+    RewriteCond %{HTTP:Authorization} .
+    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+</IfModule>
--- a/bootstrap/application.php
+++ b/bootstrap/application.php
@ -18,7 +18,7 @@ class Application extends LaravelApplication
    {
        parent::__construct(dirname(__DIR__) . '/');

-        $this->loadEnvironmentFrom('.env');
+        $this->loadEnvironmentFrom('env.php');
        $this->useDatabasePath($this->basePath . '/app/Database');
        $this->useStoragePath($this->basePath . '/storage');
    }
--- a/env.php
+++ b/env.php
@ -0,0 +1,46 @@
+<?php
+exit();
+?>
+
+#
+# Before you go live, remember to change the APP_ENV to production
+# and APP_DEBUG to false. Adjust logging to taste
+#
+
+APP_ENV=dev
+APP_URL=http://localhost
+APP_SKIN=default
+APP_KEY=base64:zdgcDqu9PM8uGWCtMxd74ZqdGJIrnw812oRMmwDF6KY=
+APP_DEBUG=true
+APP_LOCALE=en
+
+PHPVMS_INSTALLED=true
+VACENTRAL_API_KEY=
+
+APP_LOG=daily
+APP_LOG_LEVEL=debug
+APP_LOG_MAX_FILES=3
+
+DB_CONNECTION=sqlite
+#DB_CONNECTION=mysql
+DB_HOST=localhost
+DB_PORT=3306
+DB_DATABASE=phpvms
+DB_USERNAME=root
+DB_PASSWORD=
+DB_PREFIX=
+
+MAIL_DRIVER=smtp
+MAIL_FROM_ADDRESS=no-reply@phpvms.net
+MAIL_FROM_NAME="phpVMS Admin"
+MAIL_HOST=smtp.mailgun.org
+MAIL_PORT=587
+MAIL_ENCRYPTION=tls
+MAIL_USERNAME=
+MAIL_PASSWORD=
+
+CACHE_DRIVER=file
+CACHE_PREFIX=
+
+SESSION_DRIVER=file
+QUEUE_DRIVER=database
--- a/env.php.example
+++ b/env.php.example
--- a/modules/Installer/Config/config.php
+++ b/modules/Installer/Config/config.php
@ -5,7 +5,7 @@ return [
        'version' => '7.0.0'
    ],

-    'env_postfix' => '',
+    'env_filename' => 'env.php',

    'extensions' => [
        'openssl',
--- a/modules/Installer/Services/EnvironmentService.php
+++ b/modules/Installer/Services/EnvironmentService.php
@ -86,8 +86,8 @@ class EnvironmentService
     */
    protected function writeEnvFile($opts)
    {
-        $env_file = \App::environmentFilePath();
-        $env_file .= config('installer.env_postfix');
+        $env_file = \App::environmentPath();
+        $env_file .= config('installer.env_filename');

        # render it within Blade and log the contents
        $env_contents = view('installer::stubs/env', $opts);
--- a/public/.htaccess
+++ b/public/.htaccess
@ -7,6 +7,11 @@ Options -Indexes
    Deny from all
 </Files>

+<Files env.php>
+    Order allow,deny
+    Deny from all
+</Files>
+
 # Hide a specific file
 <Files storage>
    Order allow,deny
--- a/public/index.php
+++ b/public/index.php
@ -14,11 +14,7 @@ $path_to_phpvms_folder = __DIR__.'/../';

 require $path_to_phpvms_folder.'/bootstrap/autoload.php';

-/**
- * @var $app Illuminate\Foundation\Application
- */
 $app = require_once $path_to_phpvms_folder.'/bootstrap/app.php';
-
 $app->setPublicPath(__DIR__);

 $kernel = $app->make(Illuminate\Contracts\Http\Kernel::class);