URGENT: how to block access to php code?

[king.oslo]

Hello,

 

On my VPS, most of the php files that are requested, i.e. index.php are returned to the client as interpreted php code (ie HTML, for example). However, in a few directories, when a clients requests a file, i.e. database.php, the actual php-code is returned (where database username and password are present) which is a major issue!!!!

 

How can I change this so that the server returns interpreted php-code, not raw php code?

 

Very greatful for quick replies!

 

Thanks,

 

Kind regards,

Marius

[PFMaBiSmAd]

The php language engine is either specifically disabled for those folders or it was never enabled for those folders.

 

Are there any .htaccess files that have statements in them with any php language related settings that could be disabling php in those folder(s)?

 

Do any of the httpd.conf and related apache configuration files have any conditional statements that only enable the php language in specific folder(s), such as your document root folder?

 

Short answer: You need to investigate the configuration settings on your server to find out either why php is only enabled in certain folders or to find out why it is disabled in other folders.

[king.oslo]

Thanks.M

[PFMaBiSmAd]

Another possibility is if you are using short open tags <? in the code that simply being output instead of being seen as php code.