On 8/25/06, Will Tomlinson <[EMAIL PROTECTED]> wrote: > Right now my config.xml file resides where it can be browsed and read easily. > Ray C. helped me a while back on how to secure it. One of the options is to > place outside the root and read it. This needs to work with a shared host so > that's not a good option. Another was to setup a defaults.cfm file with the > xml commented out. Then you read the file, taking out the comments. If > someone browses to the file, they'd see nothing. >
I'm not sure why being on a shared host eliminates placing it outside of the web root. My personal site is on a shared host, and I have access to directories that are within my account, but outside of the web root. Further, you could set up a directory outside of your web root and ask your host to set up a mapping. If they won't let you do this, then it's time to switch to HostMySite.com, who is unbelievably accomodating when it comes to this sort of stuff. Regards, Dave. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:251139 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
