Hi all, Just a quick one here. I have a folder to which i have designed a logon page using php which then verifies users on my server database. This is where the problem lies, when you type the directory you get the Index directory to which others can open my php scripts and access my server database. How do i protect this or stop anyone viewing it
-------------------- Vista Ultimate x32 | E6750 1333FSB INTEL CORE DUO CPU | 1GB DDRII 800Mhz Mem | 560GB SATA2 HDD | FIREFOX | Blueyonder 10 Mb Broadband | Sams Web Site
Just to let everyone know i have managed to resolve my problem myself as i edited the folder in my directory and removed the permissions for "Everyone" to view.
Cheers
Stuarty
-------------------- Vista Ultimate x32 | E6750 1333FSB INTEL CORE DUO CPU | 1GB DDRII 800Mhz Mem | 560GB SATA2 HDD | FIREFOX | Blueyonder 10 Mb Broadband | Sams Web Site
Another good idea is to upload a blank index.html or index.php file. This will force a blank page to be displayed rather than the file contents.
You can also upload a .htaccess file with the following line, which will still allow the contents page to show, but it would be empty (prevents the files from appearing): Code:
IndexIgnore *
Quote: when you type the directory you get the Index directory to which others can open my php scripts and access my server database.
If you upload these to a webserver with php installed, then visitors will not see the content of the php scripts, as it will be parsed by the server. Additionally, you should make sure any config files (which include your database username and password) are stored below the web folder (normally called public_html or www) and then included in your script. This way, the risk of these details being discovered by a visitor is greatly reduced.
Previous
Index
Next
Threaded
Edit
Reply
Quote
