httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <>
Subject Re: [users@httpd] Make .txt file not directly accessable, only through script
Date Wed, 28 May 2003 20:40:11 GMT
on 5/28/03 4:24 PM, Hulslander, Ryan at uttered the

> I have a situation where a data is being stored in a .txt file on the
> server. PHP code is able to read/write to the file. How do I keep someone
> from accessing it DIRECTLY for viewing, but still let the PHP web pages see
> it?
> If they do:
> https://mysite/postform.php, they can post data to a .txt file the script
> uses. If they hit https://mysite/readdata.php they can see it that way. But
> it they try to hit the datafile directly via https://mysite/datafile.txt
> they get a "forbidden" page.
> Is this possible?

Of course!
But I wouldn't do it that way.
One possibility is to place it outside of the web tree, so it's not directly
available for viewing. So trying to access it via a url won't work, because
it's not there to be seen, only the php script can fetch it.

An other possibility could be to put it in a folder that's password
protected in some way.

Didier Godefroy

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message