Posted by Tom on 11/02/07 18:25

On Thu, 01 Nov 2007 16:27:04 -0700, Animesh K wrote...
>
>I have a file abc.php which includes another file (which primarily has
>text) called text.php.
>
>Is there a way I can secure the text.php file without affecting the
>include_once('text.php') call in abc.php?
>
>By secure, I mean the outside user should not be able to find the file
>at all.
>
>Of course one method is to obfuscate the name of text.php, but any
>simpler solutions are preferred.
>
>Best regards,
>Animesh


I think some of the concern is that PHP files get configured to be parsed by the
server before being sent to the user. If you have .inc files, those probably get
delivered as plain text with all your code viewable.

You can probably add an entry to your Apache configuration to restrict access to
those files, such as...

<Files ~ ".inc$">
Order allow,deny
Deny from all
</Files>

Tom
--
NewsGuy Free Trial Accounts
Now a massive 20 Gigabytes of unrestricted downloads !
http://newsguy.com/

• Next in forum: Re: Include(filename.php) and security
• Prev in forum: Re: Include(filename.php) and security
• Thread view: Re: Include(filename.php) and security

[Reply to this message]