These are the generally applicable steps for configuring an MVC-based web application. Presumed web server version for the settings below: Apache HTTP Server v2.4.
1) Block access to all directories and files:
First of all, in the Apache config file, access to all directories and files should be blocked by default:
# Do not allow access to the root filesystem.
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Require all denied
</Directory>
# Prevent .htaccess and .htpasswd files from being viewed by Web clients.
<FilesMatch "^\.ht">
    Require all denied
</FilesMatch>
2) Allow access to a default directory:
Access to a default directory (here /var/www/), supposedly used for projects, should then be allowed:
<Directory /var/www/>
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>
My recommendation: For security reasons, this location should contain only an index.php and an index.html file, each of them displaying a simple "Hello" message. All web projects should be created in other directories and the access to them should be set separately, as described below.
3) Set access to a separate project directory:
Let's suppose that you create your project in a location (like the directory /path/to/my/sample/mvc/) other than the default one (/var/www/). Then, taking into consideration that only the subfolder public should be accessible from outside, create a web server configuration for it, like this:
ServerName www.my-sample-mvc.com
DocumentRoot "/path/to/my/sample/mvc/public"
<Directory "/path/to/my/sample/mvc/public">
    Require all granted
    # When Options is set to "off", then the RewriteRule directive is forbidden!
    Options FollowSymLinks
    # Activate rewriting engine.
    RewriteEngine On
    # Allow pin-pointing to index.php using RewriteRule.
    RewriteBase /
    # Rewrite url only if no physical folder name is given in url.
    RewriteCond %{REQUEST_FILENAME} !-d
    # Rewrite url only if no physical file name is given in url.
    RewriteCond %{REQUEST_FILENAME} !-f
    # Parse the request through index.php.
    RewriteRule ^(.*)$ index.php [QSA,L]
</Directory>
Note that the above settings can be defined either:
- in the config file of Apache, or
- in a .htaccess file inside the project, or
- in a virtual host definition file.
In case a virtual host definition file is used, the settings must be included between the tags <VirtualHost> and </VirtualHost>:
<VirtualHost *:80>
    ... here come the settings ...
</VirtualHost>
Note: Don't forget to restart the web server after each change of the configuration settings.
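One way to check a configuration against the three steps above, as an added example that is not part of the original text: the script parses the <Directory> sections and reports deviations from the deny-by-default layout. The function names, the constructed sample config and the rule that flags Indexes are assumptions of this example.

```python
import re
from pathlib import PurePosixPath

# Constructed sample: the three steps above in one file, using the page's placeholder paths.
SAMPLE = """
<Directory />
    Require all denied
</Directory>
<Directory /var/www/>
    Options Indexes FollowSymLinks
    Require all granted
</Directory>
DocumentRoot "/path/to/my/sample/mvc/public"
<Directory "/path/to/my/sample/mvc/public">
    Require all granted
    Options FollowSymLinks
</Directory>
"""

def parse_directories(conf):
    """Map each <Directory> path to its directive lines (comments and blanks dropped)."""
    sections = {}
    pattern = r'<Directory\s+"?([^">]+?)"?\s*>(.*?)</Directory>'
    for m in re.finditer(pattern, conf, re.S | re.I):
        path = m.group(1).rstrip("/") or "/"
        lines = [l.strip() for l in m.group(2).splitlines()]
        sections[path] = [l for l in lines if l and not l.startswith("#")]
    return sections

def audit(conf):
    """Return findings; an empty list means the layout follows the steps."""
    findings = []
    dirs = parse_directories(conf)
    granted = {p for p, ls in dirs.items() if "Require all granted" in ls}
    if "Require all denied" not in dirs.get("/", []):
        findings.append("/: root filesystem is not denied by default")
    for path in sorted(granted):
        opts = " ".join(l for l in dirs[path] if l.lower().startswith("options"))
        if any(t.lstrip("+") == "indexes" for t in opts.lower().split()):
            # Assumption of this example: listing is unwanted on any granted directory.
            findings.append(f"{path}: Indexes allows directory listing")
    m = re.search(r'^\s*DocumentRoot\s+"?([^"\n]+)"?', conf, re.M | re.I)
    if m:
        root = PurePosixPath(m.group(1).strip())
        if root.name != "public":
            findings.append(f"DocumentRoot {root} is not a public subfolder")
        for path in sorted(granted):
            if PurePosixPath(path) in root.parents:
                findings.append(f"{path}: access granted above the DocumentRoot")
    return findings
```

Calling audit(SAMPLE) reports only the Indexes option on /var/www; a config that grants access on / or points DocumentRoot at the project root instead of public produces the corresponding findings.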