Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New Coder
    Join Date
    May 2009
    Location
    philippines
    Posts
    50
    Thanks
    6
    Thanked 1 Time in 1 Post

    how to protect files where constants (such as password) are kept?

    i use an include file where i keep my constants (such as mysql password, username, and etc.). how can i protect it from being viewed or downloaded if i deploy it the web?

  • #2
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts
    If it is a PHP file, and if your web server is properly configured, then no one will be able to view the file directly-- it will be parsed by PHP when it is requested.

    If it is a plain text file, then you'd better take some steps to secure it from public viewing.

  • #3
    Mega-ultimate member
    Join Date
    Jun 2002
    Location
    Winona, MN - The land of 10,000 lakes
    Posts
    1,855
    Thanks
    1
    Thanked 45 Times in 42 Posts
    I'd always recommend placing configuration files out side of the document root.

    So, if you have uploaded your site to...

    /var/www/vhosts/mydomain.com/httpdocs/

    Then put your config files in

    /var/www/vhsots/mydomain.com/config or something similar


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •