Setting access permissions
Posted: Sat Apr 21, 2007 3:08 am
Hi,
I have a couple of questions regarding setting permissions for how the public may access a file, and also how PHP may access files when executed publicly from the web root that do not reside within my web root directory.
I have a large series of '.inc' files in my project which contain PHP classes that implement my site's functionality (PHP5).
These '.inc' files are currently in the '/inc/' directory on my web root, so any PHP scripts on root get accessed via "include 'inc/myinclude.inc'".
The trouble is, when I place these files into IE/FireFox manually, they show up as text (I've sorted this out using .htaccess), and also, some of them contain sensitive information such as database passwords, which I certainly do not want to end up in the hands of the wrong types of people.
Can I either
(a) Place these .inc files outside of my webroot, for example in another directory on the same level of the hierarchy as webroot, leading to me including files using '../inc/myinclude.inc' - and would these .inc files then definitely be out of the hands of people viewing the site publicly, or:
(b) Restrict read access using permissions for the 'inc' directory in my webroot, without restricting access via PHP.
Many thanks
I have a couple of questions regarding setting permissions for how the public may access a file, and also how PHP may access files when executed publicly from the web root that do not reside within my web root directory.
I have a large series of '.inc' files in my project which contain PHP classes that implement my site's functionality (PHP5).
These '.inc' files are currently in the '/inc/' directory on my web root, so any PHP scripts on root get accessed via "include 'inc/myinclude.inc'".
The trouble is, when I place these files into IE/FireFox manually, they show up as text (I've sorted this out using .htaccess), and also, some of them contain sensitive information such as database passwords, which I certainly do not want to end up in the hands of the wrong types of people.
Can I either
(a) Place these .inc files outside of my webroot, for example in another directory on the same level of the hierarchy as webroot, leading to me including files using '../inc/myinclude.inc' - and would these .inc files then definitely be out of the hands of people viewing the site publicly, or:
(b) Restrict read access using permissions for the 'inc' directory in my webroot, without restricting access via PHP.
Many thanks