Prevent include files with .inc from being downloaded
Posted 22 May 2003 - 01:42 AM
Deny from all
i am trying to prevent them from being download because they contain database info. i know you can switch it to .php but i have a lot sites with the .inc file Is there some way to have apache prevent them from being seen but still being used.
Posted 22 May 2003 - 06:53 PM
the os is linux red hat 7.2 hope that helps but just to explain more. i have been using
at the top of most of my php pages. What i did not realize being i have been doing this for about a year is that if you use the url
http://mydomain.com/database.inc then you can download the code to your computer then open with an editor and view my username and password for the database but happens to used besides the database. is there any way to prevent download of this file without having to change a huge amount of php scripts.
Posted 16 September 2003 - 07:55 AM
The AddType directive will cure your problem.
Note in the list below the part that includes the .inc
at the end. That\'s the line you need to prevent ppl
from having your source dumped to their browser when
calling your .inc files in their location box on their
Just add the line next to your other PHP directives
in the global section of your httpd.conf file.
AddType application/x-httpd-php .php AddType application/x-httpd-php .php4 AddType application/x-httpd-php-source .phps AddType application/x-httpd-php .phtml AddType application/x-httpd-php .inc
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users