Link to home
Get AccessLog in
Avatar of ruud00000
ruud00000

asked on

how to secure access to public part of webserver?

I have a website consisting of php files and database access. I have protected access to rescticted pages using a php-loginscript and access to the database is password protected.

Is it possible in any way to list the files on that server and get access to the sourcecode (.php files) on the webserver without knowing my webserver user login details ? Anything more that I need to do to prevent that?

See http://www.computerhuys.nl/voetbaltoto_test
SOLUTION
Avatar of warturtle
warturtle
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This content is only available to members.
To access this content, you must be a member of Experts Exchange.
Get Access
SOLUTION
Link to home
membership
This content is only available to members.
To access this content, you must be a member of Experts Exchange.
Get Access
ASKER CERTIFIED SOLUTION
Avatar of Theo Kouwenhoven
Theo Kouwenhoven
Flag of Netherlands image

Link to home
membership
This content is only available to members.
To access this content, you must be a member of Experts Exchange.
Get Access
Avatar of ruud00000
ruud00000

ASKER

thanks!
btw,

That is also the reason why you can't upload data directly to your DB, if you like to do that, you need do it indirectly:
e.g.
FTP data to a map on your "public" part of the server like .CSV etc
start a page (also on the public part) that will triger a php script in the PHP map on the server

So the server side can use PHP to access the public part and the non-public part.