ML wrote:
Hi Tom,Say I have a directory of files that contain my MySQL connection information, queries, etc, etc. How do I prevent people from browsing the directory but allow the files to still be used when I include them in a page. Say to connect to MySQL.Don't ever put them inside your document root. Ever. Place them outside, and then include them from within the PHP script which requires it. PHP doesn't give a monkey's where on disk you load things from. Seriously, this is one of the many ways that a developer/server admin can be made to look like a fool. Don't put configuration data inside your document root.So my root is /var/www/html/<site name> could I put my MySQL in /var/www/<mysql>/<site name> or in /etc/httpd/<mysql>/<site name> and this would be OK?
You don't even have to break it down that far. For example, my DocumentRoot is:
/www/<site name> And all my MySQL database files are in: /var/db/mysql/<database> Cheers, Drew -- Be a Great Magician! Visit The Alchemist's Warehouse http://www.alchemistswarehouse.com --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|