Solved

Securing dir

Posted on 2002-04-19
10
298 Views
Last Modified: 2006-11-17
What is the best way to secure a dir that holds some php include files. I am on apache and as such tried .htaccess and so on, the problem is that the parser will not have access either to the files. what to do. Is there a better way.

Basically what i have is a single file with all the db passwords and the link in stored in a dir called secure under my web path and as such is viewable, what i want to do is stop access to this form the out side world, i thought of moving the dir out side the normal web path but hit a problem I use the following code to get a path to the .inc file

 $scriptArea = "http://" . $HTTP_HOST . "/secure";

this will not work if I move the dir.

So what is the best way to do this.
0
Comment
Question by:kplonk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 4

Expert Comment

by:Gibble
ID: 6969105
windows or unix?
0
 

Author Comment

by:kplonk
ID: 6970037
unix
0
 
LVL 4

Expert Comment

by:Gibble
ID: 6971196
Ok I don't know why I asked because it didn't really matter anyhow :p

Just put the files anywhere outside the /htdocs directory and use the path /home/secure/somefile to access them in your php script, it should work fine.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:kplonk
ID: 6975548
/home/secure/somefile this path does not seem to work, is that all i need

$scriptArea = "/home/secure/inc.inc";

is this correct or do i nned to change somthing
0
 
LVL 4

Expert Comment

by:Gibble
ID: 6977255
You did put the file there right?
"/home/secure/inc.inc";
0
 

Author Comment

by:kplonk
ID: 6977286
yer, but the real path to my site is

/home/sites/site56/scripts

this does not work corectly either do i need some sort ot relitive placer like a ~ or somthing

thanks -k-
0
 
LVL 4

Accepted Solution

by:
Gibble earned 10 total points
ID: 6977312
move the file out of there, put it wherever on the HD, just not in your web directory if you don't want it web accessible, the PHP files should still read it.
0
 

Author Comment

by:kplonk
ID: 6978474
I understand that, the proble i have is how to find the path to it. form any where in the web structure. What i dont know is how to do absolut addresssing in php
0
 

Author Comment

by:kplonk
ID: 6983019
This is the real path
"/home/sites/site56/scripts"
Say the script is running at
"home/sites/site56/web/article/index.php" real path
"http://www.kplonk.com/article/" web path

and the code of the script "index.php" is

<?php

     include "/home/sites/site56/scripts/index.php";

?>

what am I doing wrong..? thanks
-k-
0
 

Author Comment

by:kplonk
ID: 6987534
Thanks for the input on moving the scripts out side of the web folder
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
This article discusses four methods for overlaying images in a container on a web page
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question