On 10-08-17 04:23 PM, Peter Lind wrote:
On 17 August 2010 22:17, tedd<tedd@xxxxxxxxxxxx> wrote:
Hi gang:
The subject line says it all.
How secure is a .htaccess file to store passwords and other sensitive stuff?
Can a .htaccess file be viewed remotely?
No, Apache won't serve it.
It's a configuration setting though, and not a hard-coded feature.
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
Cheers,
Rob.
--
E-Mail Disclaimer: Information contained in this message and any
attached documents is considered confidential and legally protected.
This message is intended solely for the addressee(s). Disclosure,
copying, and distribution are prohibited unless authorized.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
