Installing Cake Outside Root
There are some benefits to running the Cake libraries outside the main root folder. Since the index page of a web site I work on got compromised last week due to a PHP exploit, I decided it was a good time to begin finding ways to run Cake outside the root and to have all my Cake apps run off the same cake folder.
This is actually pretty simple to do. Here’s how I go about doing it.
Let’s say that my server setup has a root folder named “public_html” and that this folder is housed in another folder named after my account name (I’ll use “account”). Now when you download the Cake release, everything comes bundled into one folder named cake_1.2.x.x.x or something like that. It’s designed to work right out of the box, so we will have to change some things since we’ll be moving some folders around.
What I now do is place the “cake” folder in the account directory, not the “public_html” directory. I rename the cake_1.2.x.x.x folder to whatever I want the application to be named and place this folder into the “public_html” directory.
Finally, I open the app/webroot/index.php file and change line 56:
define('CAKE_CORE_INCLUDE_PATH', dirname(dirname(ROOT)));
Simple as that. This is described in the Cake Manual but I have had enough people ask me how I do it, so I figured I lay it out here.
I recommend this method because if you want to upgrade Cake, you need only swap out the Cake libraries rather than replace all of them throughout your whole server. Also, whatever you can do to minimize the amount of PHP exploitation that could be done by third parties is worth the time.
Daniel Hofstetter
Feb 17th, 2008, 2:55 am
I would also put the "app" folder (with the exception of the content of app/webroot) outside the "public_html" folder.