wilderness
msg:4308583 | 3:42 am on May 6, 2011 (gmt 0) |
I've no clue of PHP.
"Options -Indexes" [google.com]
|
g1smd
msg:4308616 | 7:52 am on May 6, 2011 (gmt 0) |
You should not be directly POSTing a form to the "includes" folder. The "includes" folder should contain only files which are INCLUDEd by PHP from some other part of the site.
|
Ben502
msg:4308691 | 11:19 am on May 6, 2011 (gmt 0) |
that is what i am doing. what i have now is lets say form1.php in my main folder. then in my include folder, i have things like configfure and process files. i just want to make sure that no one can ever get into that include folder
|
g1smd
msg:4308948 | 8:14 pm on May 6, 2011 (gmt 0) |
Make sure the INCLUDE references only a server path and file not a domain name. This keeps the request internal to the server.
|
|
