Avatar of ruud00000
ruud00000
 asked on

how to secure access to public part of webserver?

I have a website consisting of php files and database access. I have protected access to rescticted pages using a php-loginscript and access to the database is password protected.

Is it possible in any way to list the files on that server and get access to the sourcecode (.php files) on the webserver without knowing my webserver user login details ? Anything more that I need to do to prevent that?

See http://www.computerhuys.nl/voetbaltoto_test
PHPMySQL Server

Avatar of undefined
Last Comment
Theo Kouwenhoven

8/22/2022 - Mon
SOLUTION
warturtle

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
SOLUTION
Ray Paseur

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER CERTIFIED SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ruud00000

ASKER
thanks!
Theo Kouwenhoven

btw,

That is also the reason why you can't upload data directly to your DB, if you like to do that, you need do it indirectly:
e.g.
FTP data to a map on your "public" part of the server like .CSV etc
start a page (also on the public part) that will triger a php script in the PHP map on the server

So the server side can use PHP to access the public part and the non-public part.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy