vinspire
asked on
PHP Files Security in webserver
I done a a project in PHP and MySQL.
I would like to upload that into the webserver. but how to secure those files to direct download or see the source code of those php files.
how to secure my php files?
I would like to upload that into the webserver. but how to secure those files to direct download or see the source code of those php files.
how to secure my php files?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Good point about the passwords -- one other option is to put the passwords in includes outside of your web directory alltogether, which doesn't involve setting up an .htaccess file
Yes, the latter is preferable but not always an option given by ISPs
If you have .php files which contain passwords etc, it's advisable to make them 'include' which php accesses indirectly, then prevent Apache for ever serving them, by adding a .htaccess file and denying access to those files over HTTP.
Hope that helps
JP