russia5 Posted August 25, 2006 Share Posted August 25, 2006 Can anyone tell me if putting the config.php file in a folder rather than in the root, effects the security of the site in some way? Link to comment https://forums.phpfreaks.com/topic/18654-configphp-in-folder-or-not/ Share on other sites More sharing options...
newb Posted August 25, 2006 Share Posted August 25, 2006 not really. thats a broad question -.- kinda depends. just chmod the config file or something. Link to comment https://forums.phpfreaks.com/topic/18654-configphp-in-folder-or-not/#findComment-80404 Share on other sites More sharing options...
HeyRay2 Posted August 25, 2006 Share Posted August 25, 2006 It really depends on what your config file does.Does the file print anything to the browser?Does the file accept any variables passed from the URL?If you answer "no" to both of those questions, there's not really anything that can damage by accessing this file directly.However, if you want to prevent people from loading certain files, you could check if the file was access by way of an [b]include()[/b] or directly using some code like this at the top of each file you want to protect:[code]if (realpath(__FILE__) == realpath($_SERVER['SCRIPT_FILENAME'])){ die("You are not allowed to access this file directly!");}[/code] Link to comment https://forums.phpfreaks.com/topic/18654-configphp-in-folder-or-not/#findComment-80412 Share on other sites More sharing options...
russia5 Posted August 25, 2006 Author Share Posted August 25, 2006 Thankyou very Much! Link to comment https://forums.phpfreaks.com/topic/18654-configphp-in-folder-or-not/#findComment-80518 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.