...

View Full Version : Using .htaccess to protect file



doubledee
05-14-2011, 04:02 PM
Is there a way to use .htaccess so that people cannot access a file in a directory BUT a PHP script in another directory can Include the file?

(I have a sensitive file that I wanted to put outside of httpdocs and then Include, but the way my VPS is set up, it much harder than anticipated. So maybe using .htaccess is a reasonable workaround?!)



Debbie

abduraooft
05-14-2011, 04:20 PM
Is there a way to use .htaccess so that people cannot access a file in a directory BUT a PHP script in another directory can Include the file?

Yes, you could do it.

doubledee
05-14-2011, 04:38 PM
Yes, you could do it.

What is the syntax?

How secure it that?

I wanted to put my config file outside of httpdocs, but apparently the way my VPS is configured, it requires some Linux trickery that I don't think I'm up to.


Debbie

Inigoesdr
05-14-2011, 04:40 PM
deny from all

doubledee
05-14-2011, 04:41 PM
deny from all

Just that one line of code?! :confused:


Debbie

Inigoesdr
05-14-2011, 04:56 PM
Nope, I withheld all of the important stuff. :)

Seriously, just make a directory and try it.

doubledee
05-14-2011, 05:01 PM
Nope, I withheld all of the important stuff. :)

Seriously, just make a directory and try it.

Ha ha! :p

It just seemed too simple.


Debbie

P.S. BTW, when I include my config file, is it okay to use an absolute path like...



// Include Authorize.net Values.
require_once('/var/www/vhosts/MyWebsite.com/httpdocs/private/auth_config.php');

Inigoesdr
05-14-2011, 05:05 PM
P.S. BTW, when I include my config file, is it okay to use an absolute path like...


That should be fine, but if it's not working check the error log. It will tell you the reason it didn't work(wrong path, permissions, open_basedir restriction, etc.).



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum