On Tue, 18 Nov 2003 15:46:41 -0500, NotGiven wrote:
[color=blue]
> I have the following at the beginning of the PHP page:
>
> <?php require_once('Connections/conn.php'); ?>
>
> I want to hide the connection file, "conn.php", so it's out of the web
> accessible file structure. I understand putting them in the php include
> directory shoudl do this. For example, let's say the directory I put them
> in is /www/phpIN/, and /www/ht/ is the root web directory.
>
> So I put "conn.php" in the inlcude directory (/www/phpIN/conn.php) and
> removed it form CONNECTIONS directory.
>
> Now it doesn't work.
>
> What do I need to change?
>
> Thanks.[/color]
Here's how I do it, using Apache directives. First of all, I name all
include files "*.inc" Then I use an Apache directive to prevent download
of those files. You can put the following in a .htaccess file (I think it
can go in .htaccess but if I'm wrong, coordinate with your Webserver
administrator):
<Files ~ "^.*\.inc$">
Order allow,deny
Deny from all
</Files>
This prevents access to all files that end in .inc
Try this link, for example:
http://www.wse.jhu.edu/include/news.inc
You should get a "Forbidden" error message. (I hope you do!)
If you use another Web Server, It may have a slightly different mechanism,
but it should have the same feature.
--
Jeffrey D. Silverman | jeffrey AT jhu DOT edu
Website |
http://www.wse.jhu.edu/newtnotes/ 
