On Fri, July 27, 2007 8:20 am, Eric Butera wrote: > Not everyone has the option to do that. Plus I think it is > unintuitive to have things outside of your actual "web site." You can > disallow traffic with Apache fairly easily if you're paranoid of such > things. I used to do this. Until one day I tar-ed up a site to move to a new webhost. tar -cf htdocs.tar htdocs Then I un-tar-ed it, of course: tar -xf htdocs.tar For about 15 minutes there, *ALL* the files I didn't want public, were public. I caught the mistake only because something else was broken as well, a dynamic PHP-generated image. Now I don't do that anymore, and I put anything private outside the webtree. If your host doesn't give you a directory outside the webtree, find a new host that does :-) -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
