Zippy_Brown
(regular)
Wed Mar 26 2008 11:10 PM
Re: Protection to Directory

Another good idea is to upload a blank index.html or index.php file. This will force a blank page to be displayed rather than the file contents.

You can also upload a .htaccess file with the following line, which will still allow the contents page to show, but it would be empty (prevents the files from appearing):
Code:
IndexIgnore *


Quote:

when you type the directory you get the Index directory to which others can open my php scripts and access my server database.


If you upload these to a webserver with php installed, then visitors will not see the content of the php scripts, as it will be parsed by the server.
Additionally, you should make sure any config files (which include your database username and password) are stored below the web folder (normally called public_html or www) and then included in your script. This way, the risk of these details being discovered by a visitor is greatly reduced.

Contact Us | Privacy statement Main website
Hitwise Top 10 Award Winner - Jan-Mar 2005

About us | Contact us | Link to us | Terms & Conditions | Privacy Policy
© Copyright IPC Media Limited, All rights reserved