I want to store a key in a file and keep it protected. I don't wish to password protect it b/c it is assumed that users on the shared server will already have access to the DB info and there is no way of getting around that.
What should do the trick is a .htaccess file that can reject users coming from anywhere but a specific URL like [mysite.com...] Unfortunately I'm a n00b when it comes to .htaccess. Is this possible?
FYI, a 700 directory owned by the webserver will be created and the file with the key placed within. This will lock out any users other than the webserver. The purpose of the .htaccess will be to stop the clever folks that know to simply fopen in PHP to look at anything owned by the webserver. The sensitive code in access.php is already locked down.
Thank you! -Nuttzy ;)
p.s. I strongly recommend using phpBB for forum software, but I'm biased :p