Link Details

Previous | Next

Surprise Me!
Link 63994 thumbnail
User 238392 avatar

By davidwalsh
via php.dzone.com
Published: Jan 30 2008 / 19:16

PHP Security - Block Access to Include Files Using .htaccess
Even if my scripts are secure (meaning I use proper validation to make sure they've been called correctly), a user/hacker has no business calling an include file. Using .htaccess, we can prevent any attempt by a user to reach an include file.
Vote up
Vote down
  • 8
  • 3
  • 1289
  • 262
SaveShareSend Tags: , , ,

Comments

Add your comment
User 247828 avatar

jawngee replied ago:

0 votes Vote down Vote up Reply

Better yet, put your include files outside the public directory.

User 206038 avatar

samus replied ago:

0 votes Vote down Vote up Reply

Definitely. .htaccess files are read and parsed for every request. Who needs that unnecessary overhead?

Add your comment


Html tags not supported. Reply is editable for 5 minutes. Use [code lang="java|ruby|sql|css|xml"][/code] to post code snippets.

Voters For This Link (8)



Voters Against This Link (3)