That is the MS FrontPage auth system. Directories beginning with _ underscores cannot be viewed in your browser. Unless you want to dump FrontPage, you do not want to be messing with this setup. If you can't view these directories in FrontPage, it's because you do not have the website set to show hidden files. Tools>Site Settings. Frank > -----Original Message----- > From: tedd [mailto:tedd@xxxxxxxxxxxx] > Sent: Sunday, December 03, 2006 08:57 > To: PHP General List > Subject: Re: security and .htaccess > > At 10:35 PM +0100 12/2/06, Alain Roger wrote: > >I'm working on .htaccess file for improving security. > >Based on documentation from PHPSEC.org, we should be able to store DB_USER > >login and DB_PASS password in some secret-stuff (for example) file, which > >should be located outside root of web document root. (for example in some > >/path_to_secret folder) > > The "path_to_secret folder" thing -- I have a question about. > > I'm working with what a host provides me and I've seen paths that I > can traverse/access and paths in a .htpacess file that I can't. For > example, in one site I see a .htaccess file that contains: > > AuthUserFile /home/admin/public_html/_vit_pvt/service.pwd > > But, the "_vit_pvt" folder is not apparent. I can't get to it -- is > this a host file that only they can access, or is there a secret > handshake I need to get to it, or what? > > Thanks. > > tedd > > -- > ------- > http://sperling.com http://ancientstones.com http://earthstones.com > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php