Fixing the "You are not allowed to access this file. Check app_dev.php for more information." error
If you attempt to access your application running inside a Vagrant VM using app_dev.php you’ll receive the following error:
You are not allowed to access this file. Check app_dev.php for more information.
If you look into your app_dev.php file you’ll see a line that looks like the following:
// This check prevents access to debug front controllers that are deployed by accident to production servers.
// Feel free to remove this, extend it, or make something more sophisticated.
if (isset($_SERVER['HTTP_CLIENT_IP'])
|| isset($_SERVER['HTTP_X_FORWARDED_FOR'])
|| !(in_array(@$_SERVER['REMOTE_ADDR'], ['127.0.0.1', 'fe80::1', '::1']) || php_sapi_name() === 'cli-server')
) {
header('HTTP/1.0 403 Forbidden');
exit('You are not allowed to access this file. Check '.basename(__FILE__).' for more information.');
}The important part is this line:
|| !(in_array(@$_SERVER['REMOTE_ADDR'], ['127.0.0.1', 'fe80::1', '::1']) || php_sapi_name() === 'cli-server')This line looks at the IP address you’re using to access the system and makes sure it’s referring to the “local” computer. There are a couple options to fix this. This first is that you can just remove this line and then delete the app_dev.php file when you deploy. This could create a potential security problem because if you forget to remove it someone could access it and use the dev tools.
The better option is to add your local computers IP address to the list. To do this we’re going to change the exit function so it outputs you’re IP address.
exit('You are not allowed to access this file. Check '.basename(__FILE__).' for more information. You're IP: . $_SERVER['REMOTE_ADDR']);Now if you try to access the site you’ll get your IP address:
You are not allowed to access this file. Check app_dev.php for more information. Your IP: 192.168.56.1
Then you just need to add your IP to the list:
if (isset($_SERVER['HTTP_CLIENT_IP'])
|| isset($_SERVER['HTTP_X_FORWARDED_FOR'])
|| !(in_array(@$_SERVER['REMOTE_ADDR'], ['127.0.0.1', 'fe80::1', '::1', '192.168.56.1']) || php_sapi_name() === 'cli-server')
) {
header('HTTP/1.0 403 Forbidden');
exit('You are not allowed to access this file. Check '.basename(__FILE__).' for more information. Your IP: ' . $_SERVER['REMOTE_ADDR']);
}
Scott Keck-Warren
Scott is the Director of Technology at WeCare Connect where he strives to provide solutions for his customers needs. He's the father of two and can be found most weekends working on projects around the house with his loving partner.
Top Posts
- Working With Soft Deletes in Laravel (By Example)
- Fixing CMake was unable to find a build program corresponding to "Unix Makefiles"
- Upgrading to Laravel 8.x
- Get The Count of the Number of Users in an AD Group
- Multiple Vagrant VMs in One Vagrantfile
- Fixing the "this is larger than GitHub's recommended maximum file size of 50.00 MB" error
- Changing the Directory Vagrant Stores the VMs In
- Accepting Android SDK Licenses From The OSX Command Line
- Fixing the 'Target class [config] does not exist' Error
- Using Rectangle to Manage MacOS Windows