httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rich Pinder <rpin...@usc.edu>
Subject [users@httpd] Hiding contents of .py script files
Date Mon, 20 Sep 2004 20:07:56 GMT
I'm using Apache 1.3 with Python (Kinterbas) to access a Firebird database.

The .py script resides in a directory under the document root.  If you 
enter the full url to the script file, the browser returns a textual 
representation of the script  (complete with all my connection string 
info & password into the database !)

What is a suggested way to disallow this ??  Can I add something to the 
.conf file that renders all .py scripts 'non browserable' ??  I believe 
there was (good?) reason that the script files are under the document root.

thanks for your help

rich

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message