Deprecation: #87889 - TYPO3 backend entry point script deprecated
See forge#87889
Description
The TYPO3 backend entry point script /typo3/
is no longer needed and
deprecated in favor of handling all backend and frontend requests with /index.
.
It is still in place in case webserver configuration has not been adapted yet.
Note that the maintenance tool is still available via /typo3/
.
Impact
The TYPO3 backend route path is made configurable in order to protect against
application admin interface infrastructure enumeration (WSTG-CONF-05).
Therefore, all requests are handled by the PHP script /index.
in order to
allow for variable admin interface URLs.
(via $GLOBALS
).
Affected installations
All installations using the TYPO3 backend /typo3
.
Migration
There is a silent update in place which automatically updates the webserver configuration file when accessing the install tool, at least for Apache and Microsoft IIS webservers.
Note: This does not work if you are not using the default configuration, which is shipped with Core and automatically applied during the TYPO3 installation process, as basis.
If you however use a custom web server configuration you may adapt as follows:
Apache configuration
It is most important to rewrite all typo3/*
requests to /index.
, but also
Rewrite
should be removed in order for a request
to /typo3/
to be directly served via /index.
instead of the deprecated
entry point /typo3/
.
Apache configuration before:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule ^typo3/(.*)$ %{ENV:CWD}typo3/index.php [QSA,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule ^.*$ %{ENV:CWD}index.php [QSA,L]
Apache configuration after:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^typo3/(.*)$ %{ENV:CWD}index.php [QSA,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule ^.*$ %{ENV:CWD}index.php [QSA,L]
Nginx configuration
Nginx configuration before:
location /typo3/ {
absolute_redirect off;
try_files $uri /typo3/index.php$is_args$args;
}
Nginx configuration after:
location /typo3/ {
absolute_redirect off;
try_files $uri /index.php$is_args$args;
}