Posted by Willem Bogaerts on 06/04/07 06:46
> What is this group's overall view on setting up .htaccess with
> something like:
> php_value auto_prepend_file /path/to/password/file.php
>
> Is this a "Good Thing" or a "Bad Thing"? I have not dared to use it
> yet, though if it never "screws up" I'm inclined to think it is more
> secure since the path is hidden even when they can see your scripts.
Why do so in an .htaccess file? Do so in the main Apache config.
Besides, I do not think there is much security left if people can see
the source code.
The best way to "protect" the passwords is to make them useless: block
any access from non-known machines (by IP address, for instance).
Best regards,
--
Willem Bogaerts
Application smith
Kratz B.V.
http://www.kratz.nl/
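The main-config placement suggested in the reply above, as an added example that is not part of the original thread. It assumes mod_php on Apache 2.4; the hostname and document root are placeholders, and the prepend path is the one quoted in the question.

```apache
# Added example: server-config placement of auto_prepend_file.
# ServerName and DocumentRoot are placeholders, not values from the thread.
<VirtualHost *:80>
    ServerName app.example.test
    DocumentRoot /var/www/app/public

    <Directory /var/www/app/public>
        # Ignore .htaccess in this tree, so a file written under the
        # docroot cannot change PHP settings.
        AllowOverride None
        Require all granted

        # php_admin_value is only accepted in the server configuration;
        # .htaccess and ini_set() cannot override it. Keep the prepended
        # file outside DocumentRoot so it is never served directly.
        php_admin_value auto_prepend_file /path/to/password/file.php
    </Directory>
</VirtualHost>
```

Running `apachectl configtest` before reloading confirms the directive is accepted in this context.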