On Tue, 18 Nov 2003 15:46:41 -0500, NotGiven wrote:
I have the following at the beginning of the PHP page:
<?php require_once('Connections/conn.php'); ?>
I want to hide the connection file, "conn.php", so it's out of the web
accessible file structure. I understand putting them in the php include
directory shoudl do this. For example, let's say the directory I put them
in is /www/phpIN/, and /www/ht/ is the root web directory.
So I put "conn.php" in the inlcude directory (/www/phpIN/conn.php) and
removed it form CONNECTIONS directory.
Now it doesn't work.
What do I need to change?
Thanks.
Here's how I do it, using Apache directives. First of all, I name all
include files "*.inc" Then I use an Apache directive to prevent download
of those files. You can put the following in a .htaccess file (I think it
can go in .htaccess but if I'm wrong, coordinate with your Webserver
administrator):
<Files ~ "^.*\.inc$">
Order allow,deny
Deny from all
</Files>
This prevents access to all files that end in .inc
Try this link, for example:
http://www.wse.jhu.edu/include/news.inc
You should get a "Forbidden" error message. (I hope you do!)
If you use another Web Server, It may have a slightly different mechanism,
but it should have the same feature.
--
Jeffrey D. Silverman | jeffrey AT jhu DOT edu
Website |
http://www.wse.jhu.edu/newtnotes/