-- Mark Steudel <[EMAIL PROTECTED]> wrote
(on Tuesday, 29 April 2008, 10:02 AM -0700):
> Any recommendations on how to secure the Zend framework when you don’t have
> access to put it outside of the web root directory? Use .htaccess files?
Yes. Drop a .htaccess file in your ZF directory with something like the
following:
Order deny,allow
Deny from all
and that should prevent browsing to it.
--
Matthew Weier O'Phinney
Software Architect | [EMAIL PROTECTED]
Zend - The PHP Company | http://www.zend.com/
