ML wrote:
Hi Tom,
Say I have a directory of files that contain my MySQL connection
information, queries, etc, etc.
How do I prevent people from browsing the directory but allow the
files to still be used when I include them in a page. Say to connect
to MySQL.
Don't ever put them inside your document root. Ever. Place them outside,
and then include them from within the PHP script which requires it. PHP
doesn't give a monkey's where on disk you load things from.
Seriously, this is one of the many ways that a developer/server admin
can be made to look like a fool. Don't put configuration data inside
your document root.
So my root is /var/www/html/<site name>
could I put my MySQL in /var/www/<mysql>/<site name>
or in /etc/httpd/<mysql>/<site name>
and this would be OK?
You don't even have to break it down that far. For example, my
DocumentRoot is:
/www/<site name>
And all my MySQL database files are in:
/var/db/mysql/<database>
Cheers,
Drew
--
Be a Great Magician!
Visit The Alchemist's Warehouse
http://www.alchemistswarehouse.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
