5kyy8lu3 Posted December 10, 2008 Share Posted December 10, 2008 Hi. This is a weird question and I'm not sure php can even resolve this, but here it goes: Right now, when I goto my site, you see www.kloudz.com/ it doesn't show the actual index.php file in the address bar but after i log in and it sends the user to "logged.php" using the header("Location= "); the adress bar shows the location and name of the php file like so: www.kloudz.com/logged.php This bugs me. is it possible to keep that hidden? i tried using header to send the browser to a new directory so I could use the index.php in that directory to keep the file name hidden but it seems to be resetting my session variables when i do that. any ideas? i'm only doing it for security reasons, so if you think it doesn't matter either way, that's a perfectly legit answer to me =) thanks Quote Link to comment Share on other sites More sharing options...
GingerRobot Posted December 10, 2008 Share Posted December 10, 2008 You could keep everything on the index page and pass around the pages you're actually using in the address bar for example, but there's no real point. You shouldn't be relying on security through obscurity: don't assume that someone wont find a page of your site - don't let them access it at all. Quote Link to comment Share on other sites More sharing options...
blueman378 Posted December 10, 2008 Share Posted December 10, 2008 ah security through obscurity i had a 900+ page arguement with someone about that, but anyway would a .htaccess rewrite rule not work? Quote Link to comment Share on other sites More sharing options...
grandman Posted December 10, 2008 Share Posted December 10, 2008 Hello, I've tried htaccess, it never works for me. I wanted to stop someone copying the address from the browser, then pasting it in a new window. all htaccess did was stop everything working. I think the answer lay in utilizing other functions offered by php. I use require once, move and delete file. the correct use of the above with a correctly designed login script stops direct access, and will make it difficult, to access the file. I think that it depends on what your looking to protect, if it's that important then even a 128bit encryption wont stop a very determined hacker. DG Quote Link to comment Share on other sites More sharing options...
5kyy8lu3 Posted December 10, 2008 Author Share Posted December 10, 2008 ok thanks, after i posted this i thought about it some more and realized that even if i sent it to a new directory, anyone with half a brain would know the file is index.html or index.php so i guess it doesn't matter, i'll just have to use other methods to stay "secure" like filtering my form inputs lol Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.