Jump to content

php security problem please help


realnsleo

Recommended Posts

hi everyone .. i have just finished developing a web application i hope to put on the www very soon. however my application has various folders that i dont want the public to access directly through a URL for example the images, config and includes folder which contain database and php scripts containing classes and functions and so on..

secondly in the includes folder for example i have a file called functions.php. so when someone accesses www.mysitename.com/includes/functions.php, i want a message to be output saying file cannot be accessed.

 

can anyone please tell me how i can go about this. thank you

Link to comment
https://forums.phpfreaks.com/topic/158399-php-security-problem-please-help/
Share on other sites

If you can modify or create an .htaccess file, you can put the following in it, and people will not be able to browse your directories:

 

Options -Indexes

 

And to keep people from accessing a file directly, you can you mod_rewrite with a rewrite rule such as:

 

RewriteRule ^functions.php - [F,L]

 

or use something like this:

 

<Files functions.php>

order deny,allow

deny from all

allow from yourwebsite.com

</Files>

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.