Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 303
  • Last Modified:

Securing dir

What is the best way to secure a dir that holds some php include files. I am on apache and as such tried .htaccess and so on, the problem is that the parser will not have access either to the files. what to do. Is there a better way.

Basically what i have is a single file with all the db passwords and the link in stored in a dir called secure under my web path and as such is viewable, what i want to do is stop access to this form the out side world, i thought of moving the dir out side the normal web path but hit a problem I use the following code to get a path to the .inc file

 $scriptArea = "http://" . $HTTP_HOST . "/secure";

this will not work if I move the dir.

So what is the best way to do this.
0
kplonk
Asked:
kplonk
  • 6
  • 4
1 Solution
 
GibbleCommented:
windows or unix?
0
 
kplonkAuthor Commented:
unix
0
 
GibbleCommented:
Ok I don't know why I asked because it didn't really matter anyhow :p

Just put the files anywhere outside the /htdocs directory and use the path /home/secure/somefile to access them in your php script, it should work fine.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
kplonkAuthor Commented:
/home/secure/somefile this path does not seem to work, is that all i need

$scriptArea = "/home/secure/inc.inc";

is this correct or do i nned to change somthing
0
 
GibbleCommented:
You did put the file there right?
"/home/secure/inc.inc";
0
 
kplonkAuthor Commented:
yer, but the real path to my site is

/home/sites/site56/scripts

this does not work corectly either do i need some sort ot relitive placer like a ~ or somthing

thanks -k-
0
 
GibbleCommented:
move the file out of there, put it wherever on the HD, just not in your web directory if you don't want it web accessible, the PHP files should still read it.
0
 
kplonkAuthor Commented:
I understand that, the proble i have is how to find the path to it. form any where in the web structure. What i dont know is how to do absolut addresssing in php
0
 
kplonkAuthor Commented:
This is the real path
"/home/sites/site56/scripts"
Say the script is running at
"home/sites/site56/web/article/index.php" real path
"http://www.kplonk.com/article/" web path

and the code of the script "index.php" is

<?php

     include "/home/sites/site56/scripts/index.php";

?>

what am I doing wrong..? thanks
-k-
0
 
kplonkAuthor Commented:
Thanks for the input on moving the scripts out side of the web folder
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now