Michelle, this post is completely misleading.. refer to your other posts for better results.
basically.. you give more you get more.. kthxbbq On Sat, Nov 29, 2008 at 9:13 PM, Michele Waldman <[EMAIL PROTECTED]>wrote: > The point of the htaccess I was working on was to attempt to prevent xss > where others try to embed my php in their code on their server. > > I also tighted up my code, but I figured the more I can do to secure the > website, the better. > > I'm not relying on this alone. > > I'm also scrubbing data in the php files and in the javascript files. > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On > Behalf Of Konstantin Rozinov > Sent: Saturday, November 29, 2008 6:50 PM > To: NYPHP Talk > Subject: Re: [nyphp-talk] htaccess & php > > > I'm trying to lock out remote call to the php files. > > what do you mean by that? Aren't your php files processed by > apache/php and then the output returned to the user? > > > > On Fri, Nov 28, 2008 at 3:02 PM, Michele Waldman <[EMAIL PROTECTED]> > wrote: > > This is not working for me > > > > > > > > RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mydomain\.com/ [NC] > > > > RewriteCond %{HTTP_REFERER} !^$ > > > > RewriteRule .*\.(jpe?g|gif|bmp|png)$ /image/nolink.jpg [L] > > > > RewriteRule .file1\.php(\?*)?$ stub.php [L] > > > > RewriteRule .type1_*\.php(\?*)?$ stub.php [L] > > > > > > > > All of the php files are referred to in the html as: > > > > > > > > Src="../../file1.php" or > > > > > > > > Src="../../type1_file2.php?arg1=blah > > > > > > > > In the case of file1, I'm just getting the stub.php > > > > > > > > In the case of type1_file2.php the file is being call. I think because > my > > string didn't match. > > > > > > > > I'm trying to lock out remote call to the php files. > > > > > > > > Michele > > > > _______________________________________________ > > New York PHP User Group Community Talk Mailing List > > http://lists.nyphp.org/mailman/listinfo/talk > > > > http://www.nyphp.org/show_participation.php > > > _______________________________________________ > New York PHP User Group Community Talk Mailing List > http://lists.nyphp.org/mailman/listinfo/talk > > http://www.nyphp.org/show_participation.php > > _______________________________________________ > New York PHP User Group Community Talk Mailing List > http://lists.nyphp.org/mailman/listinfo/talk > > http://www.nyphp.org/show_participation.php >
_______________________________________________ New York PHP User Group Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk http://www.nyphp.org/show_participation.php
