How Easy Is It For Someone To Download A Php File From A Website?
My php page has all the important database information, so I don’t want people looking at it. How easy is it for someone to view this information? Also I’v set the PHP file, so that you can’t access it directly using the URL, you can only see it when it is linked to by a form using the POST method.
Related posts:
- Php: How Can I Personalize The Uploaded Files By Users On My Website? I have a website that users with login information can...
- How To Publish Php File That I Just Edited Back To My Website? I used FTP program that is offered by default by...
- How Do You Test A Php File On Windows When It Requires A Mysql Database To Read From? Specifically, I want to be able to view and run...
- download a web page to a file Learn more about download a web page to a file...
- What Sort Of Php Templates Are Available For Displaying Mysql? I have a MySQL database and a website. I want...
Related posts brought to you by Yet Another Related Posts Plugin.
June 14th, 2009 at 11:30 pm
it is as easy as downloading an html file
June 14th, 2009 at 11:30 pm
don’t put your db config file inside your public folder. For example, if your web root directory is “www”, then have a “config” folder at the same level - . outside of your web root.
Also you should be able to deny access to any of your public files by using a .htaccess file.
June 14th, 2009 at 11:30 pm
you may want to consider creating a separate db-connex.php file (or whatever name) and putting it in a random named folder and have an include statement pull it in before connecting to the database. This way you can put all of you DB username and DB passwords in that file as variables and only allow server sided includes in yourt php.ini
Also add a little security to that folder and you should be just fine.