|
Posted by Edward Z. Yang on 05/27/07 15:18
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
2good2b@gmail.com wrote:
> Is there any way to deny public access to the smarty TPL files?
> I checked my site and currently anyone can enter view the source of
> the TPL files by just surfing there.
> When I'm trying to change privileges the smarty system stops working
>
> I've been told the templates can possibly be moved to a directory not
> in www, is it possible?
There's an umber of ways you can go about doing this:
1. Add an .htaccess file that denies access to *.tpl files.
2. Move the template files outside of the web root, which is the folder
that gets displayed when you browse to http://www.example.com/
- --
Edward Z. Yang GnuPG: 0x869C48DA
HTML Purifier <htmlpurifier.org> Anti-XSS HTML Filter
[[ 3FA8 E9A9 7385 B691 A6FC B3CB A933 BE7D 869C 48DA ]]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGWaFFqTO+fYacSNoRAoJEAJ9VcMPpjvCs5IyBDPe2FVqrZPi/uACffuWj
hmDBhWNQ3s3GGxgVMZnJpWo=
=w2Sw
-----END PGP SIGNATURE-----
[Back to original message]
|