russia5 Posted August 25, 2006 Share Posted August 25, 2006 Can anyone tell me if putting the config.php file in a folder rather than in the root, effects the security of the site in some way? Quote Link to comment Share on other sites More sharing options...
newb Posted August 25, 2006 Share Posted August 25, 2006 not really. thats a broad question -.- kinda depends. just chmod the config file or something. Quote Link to comment Share on other sites More sharing options...
HeyRay2 Posted August 25, 2006 Share Posted August 25, 2006 It really depends on what your config file does.Does the file print anything to the browser?Does the file accept any variables passed from the URL?If you answer "no" to both of those questions, there's not really anything that can damage by accessing this file directly.However, if you want to prevent people from loading certain files, you could check if the file was access by way of an [b]include()[/b] or directly using some code like this at the top of each file you want to protect:[code]if (realpath(__FILE__) == realpath($_SERVER['SCRIPT_FILENAME'])){ die("You are not allowed to access this file directly!");}[/code] Quote Link to comment Share on other sites More sharing options...
russia5 Posted August 25, 2006 Author Share Posted August 25, 2006 Thankyou very Much! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.