> Sooo ... how is that more secure than storing them inside the > webroot ? :)
They are no longer vulnerable to source-code viewing exploits, if any new ones are discovered in the future. But honestly, the primary value of placing them outside the web root is organizational - it allows you to know what is viewed through the web server and what isn't. You can use this knowledge to set permissions accordingly, for example. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net You are subscribed to cfcdev. To unsubscribe, please follow the instructions at http://www.cfczone.org/listserv.cfm CFCDev is supported by: Katapult Media, Inc. We are cool code geeks looking for fun projects to rock! www.katapultmedia.com An archive of the CFCDev list is available at www.mail-archive.com/[email protected]
