
Storing files outside of web document tree question


tec-4


Quick Question:

 

What does it mean to be outside of the web document tree and why is it such a good place to store info?

 

Have been reading through my first PHP book and it references this quite often but I don't think I fully understand it.

 

 


When you set up a domain on a web server you specify a folder to act as the web root. So, when a user types into their browser www.mydomain.com/index.php, the web server will be looking for that file in the web root. Depending on your hosting service they may ONLY give you a folder pre-configured as the web root for your site and you can only put content in that folder or sub-folders. Or, your host may give you your own location but allow you to create sub-folders and make one of those folders the web root.

 

By default all the files in the web root and subfolders are accessible from the internet. That is a potential risk. Let's say you have an include file used to connect to your database with the username & password. If that file is a PHP file and doesn't actually echo anything to the page you are relatively safe. But, there are sophisticated means of accessing the source of the file and if there is a hiccup with the PHP parsing engine the script could be sent to the browser as plain text (I understand something similar happened to MySpace or Facebook and resulted in a security breach). You can put certain permissions/restrictions on the subfolders to prevent access, but they are still under the web root - plus if you ever move the site to a different location you have to remember to set all the same permissions.

 

So, the solution is to create a sub-folder and make THAT your web root. Users cannot navigate up a directory from the web root, but the server (when processing PHP code) can. So, you can safely put your database connection script in a folder that is not web accessible. So, it should be impossible for someone to access the file unless they were able to get direct access to the server. There are exploits for that, but this is probably the most secure scenario.

 

I have built several solutions where the files in the web accessible folders have almost no code whatsoever - only some logic to include the appropriate "secured" scripts not in the web accessible folders.

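The mechanism described in the post above, as an added example that is not code from the original thread. It builds a throwaway site layout in a temporary directory (constructed sample files, including a fake password) and runs a small, hypothetical document-root resolver of the kind every web server performs for a URL: the requested path is joined onto the web root, normalised, and rejected if it lands anywhere outside that root. The result is exactly the asymmetry the post relies on: a URL can never climb above `public_html`, but the application code running on the server can read `../app/config.php` without any trouble.

```python
"""Why a file above the web root is unreachable by URL but readable by the app.

Added example, not from the original thread. Layout built in a temp dir:

    <base>/app/config.php            secret, outside the web root
    <base>/public_html/index.php     served, includes ../app/config.php
    <base>/public_html/config.php    the WRONG place for a secret (for contrast)
"""
import os
import tempfile
from urllib.parse import unquote


def make_site(base: str) -> str:
    """Create the constructed sample layout and return the web root path."""
    app = os.path.join(base, "app")
    docroot = os.path.join(base, "public_html")
    os.makedirs(app)
    os.makedirs(docroot)
    with open(os.path.join(app, "config.php"), "w") as f:
        f.write("<?php $db_pass = 'hunter2'; // constructed sample secret\n")
    with open(os.path.join(docroot, "index.php"), "w") as f:
        f.write("<?php require __DIR__ . '/../app/config.php';\n")
    with open(os.path.join(docroot, "config.php"), "w") as f:
        f.write("<?php $db_pass = 'hunter2'; // secret INSIDE the web root\n")
    return docroot


def resolve(docroot: str, url_path: str):
    """Map a URL path to a file under docroot, or return None.

    Hypothetical stand-in for what Apache's DocumentRoot / nginx's root do:
    percent-decode, join onto the root, resolve '..' and symlinks with
    realpath, then refuse anything whose real path is not inside the root.
    """
    root = os.path.realpath(docroot)
    decoded = unquote(url_path)                      # handles %2e%2e too
    rel = decoded.lstrip("/")                        # never treat as absolute
    candidate = os.path.realpath(os.path.join(root, rel))
    if candidate != root and not candidate.startswith(root + os.sep):
        return None                                  # escaped the web root
    return candidate if os.path.isfile(candidate) else None


def demo() -> dict:
    """Run the requests a visitor might make and what the app itself can do."""
    with tempfile.TemporaryDirectory() as base:
        docroot = make_site(base)
        results = {
            # normal page request: inside the root, served
            "index_served": resolve(docroot, "/index.php") is not None,
            # plain and URL-encoded attempts to climb above the root: refused
            "traversal_blocked": resolve(docroot, "/../app/config.php") is None,
            "encoded_traversal_blocked":
                resolve(docroot, "/%2e%2e/app/config.php") is None,
            # the contrast case: a secret left in the root IS addressable by URL,
            # so it is only as safe as the PHP handler that hides its source
            "config_in_docroot_reachable":
                resolve(docroot, "/config.php") is not None,
        }
        # Server-side code is not confined to the web root: this is the
        # include('../app/config.php') pattern from the post.
        cfg = os.path.join(docroot, "..", "app", "config.php")
        with open(cfg) as f:
            results["app_can_read_config"] = "hunter2" in f.read()
        return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Every value `demo()` returns is `True`: the URL resolver only ever hands back paths under `public_html`, the copy of the secret left inside the root is addressable (and would be served verbatim if the PHP handler ever failed), and the application reads the copy above the root through an ordinary filesystem path. Real servers add more rules (aliases, rewrites, per-directory permissions), but the confinement to the document root is the part that matters here.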

This simply means that you place important documents above the public_html folder.  Then the only way to access them is by calling them through a script; a regular link will not work.

 

Why outside the public_html?  Because if your site is ever hacked, they will only have access to files in the public_html folder and its sub folders.  They will not see any files or folders above the public_html.  The only way they would have access to those files is if they got your server id and password.

 

I use this all the time.  Before signing up for a host, make sure they allow you access to folders outside the public_html.

 

Cheers- Andy


Oh okay, that makes a lot of sense.  When I was reading, they only briefly glossed over the topic without much explanation. So, I really appreciate the input from both of you.

 

Thanks, you two!

 

 


The only way they would have access to those files is if they got your server id and password.

 

Yes and no. Just like SQL Injection, there are exploits that can be used against your public scripts that will allow a malicious user to do just about anything they want. Always validate/escape ALL input coming via GET, POST, and COOKIE (I would throw in REQUEST, but you shouldn't be using that anyway). I'm pretty sure SESSION vars are safe, as only a session cookie with the session ID is stored on the user's machine, but better to be paranoid and cleanse those too.
