Reply to Re: Include(filename.php) and security — All PHP

Posted by Tom on 11/02/07 18:25

On Thu, 01 Nov 2007 16:27:04 -0700, Animesh K wrote...
>
>I have a file abc.php which includes another file (which primarily has
>text) called text.php.
>
>Is there a way I can secure the text.php file without affecting the
>include_once('text.php') call in abc.php?
>
>By secure, I mean the outside user should not be able to find the file
>at all.
>
>Of course one method is to obfuscate the name of text.php, but any
>simpler solutions are preferred.
>
>Best regards,
>Animesh

I think some of the concern is that PHP files get configured to be parsed by the
server before being sent to the user. If you have .inc files, those probably get
delivered as plain text with all your code viewable.

You can probably add an entry to your Apache configuration to restrict access to
those files, such as...

<Files ~ ".inc$">
Order allow,deny
Deny from all
</Files>

Tom
--
NewsGuy Free Trial Accounts
Now a massive 20 Gigabytes of unrestricted downloads !
http://newsguy.com/

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация