httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rich Pinder <>
Subject [users@httpd] Hiding contents of .py script files
Date Mon, 20 Sep 2004 20:07:56 GMT
I'm using Apache 1.3 with Python (Kinterbas) to access a Firebird database.

The .py script resides in a directory under the document root.  If you 
enter the full url to the script file, the browser returns a textual 
representation of the script  (complete with all my connection string 
info & password into the database !)

What is a suggested way to disallow this ??  Can I add something to the 
.conf file that renders all .py scripts 'non browserable' ??  I believe 
there was (good?) reason that the script files are under the document root.

thanks for your help


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message