On Wed, 2009-07-15 at 07:46 -0700, ML wrote: > Hi Tom, > > >> Say I have a directory of files that contain my MySQL connection > >> information, queries, etc, etc. > >> > >> How do I prevent people from browsing the directory but allow the > >> files to still be used when I include them in a page. Say to connect > >> to MySQL. > > > > Don't ever put them inside your document root. Ever. Place them > > outside, > > and then include them from within the PHP script which requires it. > > PHP > > doesn't give a monkey's where on disk you load things from. > > > > Seriously, this is one of the many ways that a developer/server admin > > can be made to look like a fool. Don't put configuration data inside > > your document root. > > So my root is /var/www/html/<site name> > > could I put my MySQL in /var/www/<mysql>/<site name> > or in /etc/httpd/<mysql>/<site name> > > and this would be OK? > > -Jason > I don't use PHP, so check with their documentation, but yes, that should be OK. The easiest way is just to try it out and see if it works. Explicit paths should be easiest. Cheers Tom --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|