Hi Tom,
Say I have a directory of files that contain my MySQL connection information, queries, etc, etc. How do I prevent people from browsing the directory but allow the files to still be used when I include them in a page. Say to connect to MySQL.Don't ever put them inside your document root. Ever. Place them outside, and then include them from within the PHP script which requires it. PHPdoesn't give a monkey's where on disk you load things from. Seriously, this is one of the many ways that a developer/server admin can be made to look like a fool. Don't put configuration data inside your document root.
So my root is /var/www/html/<site name> could I put my MySQL in /var/www/<mysql>/<site name> or in /etc/httpd/<mysql>/<site name> and this would be OK? -Jason --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|