Welcome to WebmasterWorld Guest from 54.146.180.94

Forum Moderators: Ocean10000 & incrediBILL & phranque

htaccess to block php include folders

   
3:12 am on May 6, 2011 (gmt 0)



i tried to set an htaccess file to keep people from being able to see my php include folder by using:

order deny,allow
deny from all

but when i do that it does not let my php forms run...this is prolly really simple i have just never tried this before...how dumb am i being

i still want my forms to work i just dont want people to be able to get into my folder...
3:42 am on May 6, 2011 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



I've no clue of PHP.

"Options -Indexes" [google.com]
7:52 am on May 6, 2011 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



You should not be directly POSTing a form to the "includes" folder. The "includes" folder should contain only files which are INCLUDEd by PHP from some other part of the site.
11:19 am on May 6, 2011 (gmt 0)



that is what i am doing. what i have now is lets say form1.php in my main folder. then in my include folder, i have things like configfure and process files. i just want to make sure that no one can ever get into that include folder
8:14 pm on May 6, 2011 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Make sure the INCLUDE references only a server path and file not a domain name. This keeps the request internal to the server.
 

Featured Threads

My Threads

Hot Threads This Week

Hot Threads This Month