httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Cat <stry...@gmail.com>
Subject Re: [users@httpd] Files protection
Date Tue, 03 May 2005 20:21:41 GMT
I usually name all of my php includes as *.inc and add 

<Files ~ "\.inc$">
      Order allow,deny
      Deny from all
      Satisfy All
</Files>

to httpd.conf.  This keeps them from being served and works extremely well.

On 5/3/05, dan <info@hostinthebox.net> wrote:
> Efren Bravo wrote:
> > Hi,
> >
> > I would want to know how you secure the sensitive data into www
> > directory, for example the username and password of a database
> > connection. You use .htaccess or put the data outside of the www
> > directory or if exists another tenchniques?
> >
> > Thanks
> 
> THis entirely depends on the functino which connects to a database.  In
> PHP, I have some .inc files that I keep outside of the www root that
> contain my database information and such, so that only the file being
> run can access this include file.
> 
> Is this what you're looking for?
> 
> Thanks
> -dant
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message