How to make a file/folder as forbidden (http status - 403)

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
asha
Forum Newbie
Posts: 3
Joined: Fri Jul 07, 2006 7:34 am
Location: India

How to make a file/folder as forbidden (http status - 403)

Post by asha »

I have a php program which reads data from a file. [The data file is in a different folder]. In this scenario, how will i get 403 Error (Forbidden) while executing the program/reading the data from the file.

Thanks..
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

The folder doesn't have execute (traverse) permissions, or the file doesn't have read permissions for the user the script is executing under.

Research

Code: Select all

chmod();
User avatar
Jenk
DevNet Master
Posts: 3587
Joined: Mon Sep 19, 2005 6:24 am
Location: London

Post by Jenk »

Not sure if this will cause any problems as I haven't tried it myself, but in the directory you wish to protect, create (or modify existing) .htaccess file:

Code: Select all

<Directory /path/to/dir>
    Order Deny,Allow
    Deny from all
</Directory>
Post Reply