Folder exposed after upgrade to 8.5.0

English Language - Forum 📦 Install & Upgrade Help
1

Hi everybody :slight_smile:

I have upgrade my suitecrm from 8.4.0 to 8.5.0 using SSH.

All the process work fine and the upgrade is ok except a strange thing : when I log now on the url to connect to the url, I can see all the folders and i’m not redirected to the “public” folder.

I have checked, all seems ok, but I dont see what has changed and why I can see now the root folder when before I was sent directly to the “public” folder.

If I add “public” on the url, it works correctly.

I did apply a repair, deinstall and reinstall french language (not working anymore), have to put back my modified file “templateparser.php” in the AOS modules PDF (as the file has been removed and replaced by the newest version during the upgrade process).

I dont see any change in my htaccess file in public and dont even understand how the root folder can redirect to the public folder at the first place as I dont see htaccess or index.php to redirect to the “public” folder.

On my side, I tried to change the vhost to have the domain pointing on the public folder directly (did from my Cpanel), but it breaks many thing as in url the folder is added twice (this breaks images in quote for example), so I put back the domain to point to the root.
To secure, I only put an empty index.html in the root folder (to avoid the listing of folders), but that is not the best move…

Is there somebody able to explain me how the redirection working before on v8.4 to the public folder does not work anymore and how can I set this working again ?
There is obviously something missing but what and where ?

Thanks :slight_smile:
Xavier

2

Check your VirtualHost, DocumentRoot:

3

Hi Chris,
I dont have access to this file (I already check this doc before posting) : I only have access to a CPanel on a shared hosting.
I already tried to point the folder “public” in the vhost of the Cpanel, but the url are then “broken” because the folder “public” is raised 2 times like :
https://mycrm.com/public/legacy/public/…
and this break urls for images in PDF for example.

How can I solve this then ?

Thanks anyway for your help,
Xavier

4
5

Hi again Chris,

Again, already saw this thread, this made me change at the first time like explains in this thread, but again, the path are incorrect after this as the system add then an additionnal “folder” in url breaking the urls…

Thanks for your time :slight_smile:
Xavier

6

On cPanel you could navigate to these file and check if you have any errors there.

7
  1. Full path to the Suite base (installed) directory? /home/cpanelusername/public_html?
  2. Version of Apache? PHP? Type and version DB (MariaDB)?
  3. Is there an .htaccess file? Path to the .htaccess file? Contents of the .htaccess file?
  4. Is Suite application is running on a Domain? or on a Subdomain?
  5. Settings for the Domain’s or (Subdomain’s) VirtualHost from CPanel?
  6. FATAL errors from logs?
8

Hi,
I’m going to collect all this and I come back…
Thanks :slight_smile:
Xavier

9

Hi !
Ok, Here are all the answers to your list :slight_smile:

Full path : /home/lexa5522/crm2024leparc/

inside this root folder for the CRM, I have all the folders (bin, cache, config, core, extensions, logs, public, tmp, vendor) and several file of the crm (.editorconfig, .env, .env.local, .eslintrc.js, angular.json, composer.lock, files.md5, LICENCE.txt, package.json, proxy.conf.env.json, README.md, symfony.lock, tsconfig.json, tslint.json, VERSION, yarn.lock). I also add here an empty index.html to avoid listings.

APACHE : the one used on host O2switch, I dont know the version used.
PHP : 8.1
Type and version MariaDB : 10.6.16-MariaDB - type Mysql

Htaccess file : only in the folder public, the content of the .htaccess is :

# Use the front controller as index file. It serves as a fallback solution when
# every other rewrite/redirect fails (e.g. in an aliased environment without
# mod_rewrite). Additionally, this reduces the matching process for the
# start page (path "/") because otherwise Apache will apply the rewriting rules
# to each configured DirectoryIndex file (e.g. index.php, index.html, index.pl).
DirectoryIndex index.php

# By default, Apache does not evaluate symbolic links if you did not enable this
# feature in your server configuration. Uncomment the following line if you
# install assets as symlinks or if you experience problems related to symlinks
# when compiling LESS/Sass/CoffeScript assets.
# Options FollowSymlinks

# Disabling MultiViews prevents unwanted negotiation, e.g. "/index" should not resolve
# to the front controller "/index.php" but be rewritten to "/index.php/index".
<IfModule mod_negotiation.c>
    Options -MultiViews
</IfModule>

<IfModule mod_rewrite.c>
    RewriteEngine On

    RewriteRule ^index.php.*$ - [L,NC]

    # Determine the RewriteBase automatically and set it as environment variable.
    # If you are using Apache aliases to do mass virtual hosting or installed the
    # project in a subdirectory, the base path will be prepended to allow proper
    # resolution of the index.php file and to redirect to the correct URI. It will
    # work in environments without path prefix as well, providing a safe, one-size
    # fits all solution. But as you do not need it in this case, you can comment
    # the following 2 lines to eliminate the overhead.
    RewriteCond %{REQUEST_URI}::$0 ^(/.+)/(.*)::\2$
    RewriteRule .* - [E=BASE:%1]

    # Sets the HTTP_AUTHORIZATION header removed by Apache
    RewriteCond %{HTTP:Authorization} .+
    RewriteRule ^ - [E=HTTP_AUTHORIZATION:%0]

    # Redirect to URI without front controller to prevent duplicate content
    # (with and without `/index.php`). Only do this redirect on the initial
    # rewrite by Apache and not on subsequent cycles. Otherwise we would get an
    # endless redirect loop (request -> rewrite to front controller ->
    # redirect -> request -> ...).
    # So in case you get a "too many redirects" error or you always get redirected
    # to the start page because your Apache does not expose the REDIRECT_STATUS
    # environment variable, you have 2 choices:
    # - disable this feature by commenting the following 2 lines or
    # - use Apache >= 2.3.9 and replace all L flags by END flags and remove the
    #   following RewriteCond (best solution)
    RewriteCond %{ENV:REDIRECT_STATUS} =""
    RewriteRule ^index\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]

    # If the requested filename exists, simply serve it.
    # We only want to let Apache serve files and not directories.
    # Rewrite all other queries to the front controller.
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ %{ENV:BASE}/index.php [L]
</IfModule>

<IfModule !mod_rewrite.c>
    <IfModule mod_alias.c>
        # When mod_rewrite is not available, we instruct a temporary redirect of
        # the start page to the front controller explicitly so that the website
        # and the generated links can still be used.
        RedirectMatch 307 ^/$ /index.php/
        # RedirectTemp cannot be used instead
    </IfModule>
</IfModule>

The CRM is running on a subdomain (as before on the V8.4.0, no change),

The VirtualHost in CPanel is pointing the subdomain directly on the folder : mysubdomain.mydomain.com → /crm2024leparc
It is here where I tried to add /public at the end : this working but this also break some part of the CRM like the url for images used in PDF for example.

Nothing in suitecrm.log related to this (only some warning linked to imap).

Do you see anything wrong ?
Thanks
Xavier

10

If I am not wrong, you need to move your suitecrm folder at the below location.

/var/www/html/

Also, check root directory defined in the apache config file.

11

@rsp that won’t work at all, this is a shared hosting server.

@Chabi02

:point_up: this (adding public at the end) is correct. You should leave it like that and try to solve the other problems that arise.

12

Hi everybody,

Indeed, if I point a different folder like var/www/html, this will not work at all :slight_smile:

Ok, I can manage to have to add “public” at the end. My question was more : "Why that was working before out of the box (no need to add the public at the end) in V8.4 and not in V8.5 ?

To add a better security, I also blocked the ip from accessing to avoid any possible hack (an simple htaccess with a allow/deny works fine) : I dont want to take any risk.

Thanks to all :slight_smile:
Xavier

13

I don’t know, but there are other configurations that might affect this (for example, mod_rewrites or other htaccess configs). Sometimes you get things working in the wrong way - they work for some cases, others they don’t. The goal, of course, is to get things working the right way, and have it always work :slight_smile:

14

Thanks Pgr,

So, with the “list” given, you dont see anything incorrect ?

Is there anyone with the same issue on a migration to v8.5 ?

Thanks :slight_smile:
Xavier