I usually name all of my php includes as *.inc and add
<Files ~ "\.inc$">
Order allow,deny
Deny from all
Satisfy All
</Files>
to httpd.conf. This keeps them from being served and works extremely well.
On 5/3/05, dan <info@xxxxxxxxxxxxxxxx> wrote:
> Efren Bravo wrote:
> > Hi,
> >
> > I would want to know how you secure the sensitive data into www
> > directory, for example the username and password of a database
> > connection. You use .htaccess or put the data outside of the www
> > directory or if exists another tenchniques?
> >
> > Thanks
>
> THis entirely depends on the functino which connects to a database. In
> PHP, I have some .inc files that I keep outside of the www root that
> contain my database information and such, so that only the file being
> run can access this include file.
>
> Is this what you're looking for?
>
> Thanks
> -dant
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|