[SOLVED] Secure configuration file

Cardale · November 7, 2009

I wanted to make sure my configuration file was secure it contains a lot of important information. How can I make sure no one, but the server can access it.

Alex · November 7, 2009

Put it outside of your document root.

Cardale · November 7, 2009

What if this isn't an option? Is there any other ways?

Alex · November 7, 2009

I guess it depends what type of file it is. Putting key files outside of your document root is usually the best idea, but there are other ways. For example, if you're using a .ini file you could rename it with a .php extension, and do something like this:

; <?php exit; ?>
...

Because in .ini files lines starting with ';' are comments when you load that configuration file that won't be included, but if you try to run it from your web browser the php will be executed and it'll stop the script from executing.

Cardale · November 7, 2009

Ahh, I see that would be helpful. This works with a parse_ini_file command? Would these methods eliminate access then?

Alex · November 7, 2009

Yes, that's correct.

Sign In

[SOLVED] Secure configuration file

Recommended Posts

Cardale

Link to comment

Share on other sites

Alex

Link to comment

Share on other sites

Cardale

Link to comment

Share on other sites

Alex

Link to comment

Share on other sites

Cardale

Link to comment

Share on other sites

Alex

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information