Page 1 of 1

protecting inc files

Posted: Tue Jan 06, 2004 11:14 pm
by CraniumDesigns
how do i make it so that people can not just type in the address of my inc file and see all my account info? do i have to create an htaccess file? please help ASAP.

Posted: Wed Jan 07, 2004 12:01 am
by KofRad
You can edit your apache httpd.conf file to have PHP parse those files as php, change the extension of your *.inc files to *.php, or you can place them out of the webroot. I dont know about .htaccess though as I never used it.

Posted: Wed Jan 07, 2004 4:49 am
by m3mn0n

Code: Select all

<Files ~ "^.inc">
  ForceType application/x-httpd-php
</Files>
or better yet

Code: Select all

<Files ~ "^.inc">
  Order allow,deny 
  Deny from all
</Files>
http://httpd.apache.org/docs-2.0/mod/core.html#files