Prepare application for public access. Basically three types of resources:
Public
Currently no page is public, but there will be created proxy for static maps, see #50 for more info.
In future there could be public tester?
Protected
Access only if proper authorization.
webhook.php for accessing from Telegram servers, maybe other files for more bots as Discord? (protect via key in GET parameter)
cron-refresh.php for autorefresh feature (protect via key in GET parameter)
index.php containing admin dashboard (protect via http basic auth)
set-webhook.php part of admin dashboard (protect via http basic auth)
in future API endpoints (protect via key in GET, bearer token, whatever...)
Private
Can't be accessed from webserver by any way, basically everything else as /src, /temp, /data...
Idea
There should be some public www folder in root of app, which only that will be accessible from webserver. All private stuff would be located in root app so not accessible from webserver. This should be easy job for .htaccess
Prepare application for public access. Basically three types of resources:
Public
Currently no page is public, but there will be created proxy for static maps, see #50 for more info. In future there could be public tester?
Protected
Access only if proper authorization.
Private
Can't be accessed from webserver by any way, basically everything else as /src, /temp, /data...
Idea
There should be some public www folder in root of app, which only that will be accessible from webserver. All private stuff would be located in root app so not accessible from webserver. This should be easy job for .htaccess