|
|
Posted by cewyattjr on 07/16/06 20:14
Thanks for all these great suggestions!
J.O. Aho wrote:
> dimo414 wrote:
> > I agree with the suggestion to keep username/password files outside the
> > web root. If you cannot do this (such as scripts like PHPBB and
> > Coppermine) place the username/passwords inside a PHP file as varibles
> > which can be included in any needed scripts, this way, if someone knows
> > the name of the password file, and tries to view it, all they will see
> > is a blank screen, as the PHP was parsed and dealt with before being
> > sent out.
> >
>
> You can move the file outside the web-root too, move the file to a secure
> location, create a new file with the same name in the same location and you
> just add the include_once/include line to include the original configuration
> file, this works fine as long as there aren't any include lines in the
> original file, if there are, you need to change those to include an absolute
> path to the included files instead of relative paths.
>
>
> //Aho
Navigation:
[Reply to this message]
|