Jump to content

Archived

This topic is now archived and is closed to further replies.

russia5

config.php in folder or not?

Recommended Posts

Can anyone tell me if putting the config.php file in a folder rather than in the root, effects the security of the site in some way?

Share this post


Link to post
Share on other sites
not really. thats a broad question -.- kinda depends. just chmod the config file or something.

Share this post


Link to post
Share on other sites
It really depends on what your config file does.

Does the file print anything to the browser?

Does the file accept any variables passed from the URL?

If you answer "no" to both of those questions, there's not really anything that can damage by accessing this file directly.

However, if you want to prevent people from loading certain files, you could check if the file was access by way of an [b]include()[/b] or directly using some code like this at the top of each file you want to protect:

[code]
if (realpath(__FILE__) == realpath($_SERVER['SCRIPT_FILENAME'])){
  die("You are not allowed to access this file directly!");
}
[/code]

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.