Solved

Securing dir

Posted on 2002-04-19
10
296 Views
Last Modified: 2006-11-17
What is the best way to secure a dir that holds some php include files. I am on apache and as such tried .htaccess and so on, the problem is that the parser will not have access either to the files. what to do. Is there a better way.

Basically what i have is a single file with all the db passwords and the link in stored in a dir called secure under my web path and as such is viewable, what i want to do is stop access to this form the out side world, i thought of moving the dir out side the normal web path but hit a problem I use the following code to get a path to the .inc file

 $scriptArea = "http://" . $HTTP_HOST . "/secure";

this will not work if I move the dir.

So what is the best way to do this.
0
Comment
Question by:kplonk
  • 6
  • 4
10 Comments
 
LVL 4

Expert Comment

by:Gibble
ID: 6969105
windows or unix?
0
 

Author Comment

by:kplonk
ID: 6970037
unix
0
 
LVL 4

Expert Comment

by:Gibble
ID: 6971196
Ok I don't know why I asked because it didn't really matter anyhow :p

Just put the files anywhere outside the /htdocs directory and use the path /home/secure/somefile to access them in your php script, it should work fine.
0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 

Author Comment

by:kplonk
ID: 6975548
/home/secure/somefile this path does not seem to work, is that all i need

$scriptArea = "/home/secure/inc.inc";

is this correct or do i nned to change somthing
0
 
LVL 4

Expert Comment

by:Gibble
ID: 6977255
You did put the file there right?
"/home/secure/inc.inc";
0
 

Author Comment

by:kplonk
ID: 6977286
yer, but the real path to my site is

/home/sites/site56/scripts

this does not work corectly either do i need some sort ot relitive placer like a ~ or somthing

thanks -k-
0
 
LVL 4

Accepted Solution

by:
Gibble earned 10 total points
ID: 6977312
move the file out of there, put it wherever on the HD, just not in your web directory if you don't want it web accessible, the PHP files should still read it.
0
 

Author Comment

by:kplonk
ID: 6978474
I understand that, the proble i have is how to find the path to it. form any where in the web structure. What i dont know is how to do absolut addresssing in php
0
 

Author Comment

by:kplonk
ID: 6983019
This is the real path
"/home/sites/site56/scripts"
Say the script is running at
"home/sites/site56/web/article/index.php" real path
"http://www.kplonk.com/article/" web path

and the code of the script "index.php" is

<?php

     include "/home/sites/site56/scripts/index.php";

?>

what am I doing wrong..? thanks
-k-
0
 

Author Comment

by:kplonk
ID: 6987534
Thanks for the input on moving the scripts out side of the web folder
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
This article discusses how to create an extensible mechanism for linked drop downs.
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question