473,396 Members | 1,971 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,396 software developers and data experts.

how do I hide database connection files using PHP include files?

I have the following at the beginning of the PHP page:

<?php require_once('Connections/conn.php'); ?>

I want to hide the connection file, "conn.php", so it's out of the web
accessible file structure. I understand putting them in the php include
directory shoudl do this. For example, let's say the directory I put them
in is /www/phpIN/, and /www/ht/ is the root web directory.

So I put "conn.php" in the inlcude directory (/www/phpIN/conn.php) and
removed it form CONNECTIONS directory.

Now it doesn't work.

What do I need to change?

Thanks.

Jul 17 '05 #1
2 10987
On Tue, 18 Nov 2003 15:46:41 -0500, NotGiven wrote:
I have the following at the beginning of the PHP page:

<?php require_once('Connections/conn.php'); ?>

I want to hide the connection file, "conn.php", so it's out of the web
accessible file structure. I understand putting them in the php include
directory shoudl do this. For example, let's say the directory I put them
in is /www/phpIN/, and /www/ht/ is the root web directory.

So I put "conn.php" in the inlcude directory (/www/phpIN/conn.php) and
removed it form CONNECTIONS directory.

Now it doesn't work.

What do I need to change?

Thanks.

Here's how I do it, using Apache directives. First of all, I name all
include files "*.inc" Then I use an Apache directive to prevent download
of those files. You can put the following in a .htaccess file (I think it
can go in .htaccess but if I'm wrong, coordinate with your Webserver
administrator):

<Files ~ "^.*\.inc$">
Order allow,deny
Deny from all
</Files>

This prevents access to all files that end in .inc

Try this link, for example:
http://www.wse.jhu.edu/include/news.inc

You should get a "Forbidden" error message. (I hope you do!)

If you use another Web Server, It may have a slightly different mechanism,
but it should have the same feature.

--
Jeffrey D. Silverman | jeffrey AT jhu DOT edu
Website | http://www.wse.jhu.edu/newtnotes/

Jul 17 '05 #2
"Jeffrey Silverman" a écrit le 18/11/2003 :
Here's how I do it, using Apache directives. First of all, I name all
include files "*.inc" Then I use an Apache directive to prevent download
of those files. You can put the following in a .htaccess file (I think it
can go in .htaccess but if I'm wrong, coordinate with your Webserver
administrator):

<Files ~ "^.*\.inc$">
Order allow,deny
Deny from all
</Files>

This prevents access to all files that end in .inc


I prefer to name them .inc.php so even if people get access to them,
they're processed by PHP and don't return anything.
I put all of them in a specific dir with a Deny All statement in an
..htaccess file (because I don't manage the structure outside the web
dir on the free host I use).
Jul 17 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
by: NotGiven | last post by:
I have the following at the beginning of the PHP page: <?php require_once('Connections/conn.php'); ?> I want to hide the connection file, "conn.php", so it's out of the web accessible file...
3
by: TrvlOrm | last post by:
I am having great difficulty in these asp scripts, using VBscript and JavaScript. I have 4 files that all need to be linked together. The first file "Books.html" - needs to search for a Book...
19
by: dmiller23462 | last post by:
Hi guys....I have absolutely NO IDEA what I'm doing with Javascript but my end result is I need two text boxes to stay hidden until a particular option is selected....I've cobbled together the...
4
by: Fernando Rodríguez | last post by:
Hi, In a php script, I have to connect to a remote mysql database. I'm a bit worried that some user might be bale to retrieve the source of the page and see the user name and password to connect...
13
by: Robin Haswell | last post by:
Hey people I'm an experience PHP programmer who's been writing python for a couple of weeks now. I'm writing quite a large application which I've decided to break down in to lots of modules...
5
by: Glen Buell | last post by:
Hi all, I have a major problem with my ASP.NET website and it's SQL Server 2005 Express database, and I'm wondering if anyone could help me out with it. This site is on a webhost...
221
Atli
by: Atli | last post by:
You may be wondering why you would want to put your files “into” the database, rather than just onto the file-system. Well, most of the time, you wouldn’t. In situations where your PHP application...
39
by: alex | last post by:
I've converted a latin1 database I have to utf8. The process has been: # mysqldump -u root -p --default-character-set=latin1 -c --insert-ignore --skip-set-charset mydb mydb.sql # iconv -f...
0
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
0
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
1
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
0
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
0
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
0
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
0
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
0
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
0
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.