phpSensei Posted August 15, 2007 Share Posted August 15, 2007 How Do You block a php file or even directory from being acessed by someone else? I want to use the data in the directory, but if someone tries to sneak in, he is blocked... Link to comment https://forums.phpfreaks.com/topic/64977-solved-blocking-directory/ Share on other sites More sharing options...
dbo Posted August 15, 2007 Share Posted August 15, 2007 Look into file permissions and chmod Link to comment https://forums.phpfreaks.com/topic/64977-solved-blocking-directory/#findComment-324273 Share on other sites More sharing options...
php_tom Posted August 15, 2007 Share Posted August 15, 2007 You could just put a PHP file 'index.php' with the following code: <?php // Redirect them to your site's main page header("Location: http://www.mydomain.com/"); ?> Of course, if someone knows the name of a file in the directory, they can just type it in, but if the script performs a sensitive task (uploading files, displaying sensitive info, etc.), you should probably be using sessions or something to stop unauthorized access anyway... For example when I do the admin part of a website, either I just password the directory with all the admin scripts, or I do a login script w/ sessions to prevent BAD stuff... Link to comment https://forums.phpfreaks.com/topic/64977-solved-blocking-directory/#findComment-324285 Share on other sites More sharing options...
dbo Posted August 15, 2007 Share Posted August 15, 2007 This same thing can and should be done by turning off directory listings in Apache. But if it's just data files that you need grant privileges to system but not users and if you can store it out of the html directory all together so that its contents cannot be served up to a malicious user. Link to comment https://forums.phpfreaks.com/topic/64977-solved-blocking-directory/#findComment-324296 Share on other sites More sharing options...
phpSensei Posted August 15, 2007 Author Share Posted August 15, 2007 So How Do You Do it again?" Link to comment https://forums.phpfreaks.com/topic/64977-solved-blocking-directory/#findComment-324299 Share on other sites More sharing options...
dbo Posted August 15, 2007 Share Posted August 15, 2007 I think you just remove the + from +Indexes on the main configuration settings in httpd.conf or if you're on a shared host you'll do some hacking on a .htaccess file. Link to comment https://forums.phpfreaks.com/topic/64977-solved-blocking-directory/#findComment-324301 Share on other sites More sharing options...
Fadion Posted August 15, 2007 Share Posted August 15, 2007 have a look at <a href="http://www.thejackol.com/htaccess-cheatsheet/">this</a> htaccess cheatshet Link to comment https://forums.phpfreaks.com/topic/64977-solved-blocking-directory/#findComment-324305 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.