>>"Bmw" <[EMAIL PROTECTED]> wrote in message >>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... >> I am trying to find out how I can secure the directory tree of my PHP >> scripts from the HTTP server without preventing access to my PHP scripts >> once in session. Right now, if I type the URL of a subdirectory of my site, >> I get the index of all the files and directories. >> >> Ex: >> >> http://domaine/index.html has DB access user login and password for my >> session authentication to enter into my scripts and run the program. >> >> >> If I type http://domaine/subfolder/ I can see all the PHP code I want >> without logging into my site. How can I protect the server from doing this >> without busting access to my scripts through the login from the root level >> index.html? >> >> Apache/1.3.26 (Unix)/Linux mod_fastcgi/2.2.12 mod_perl/1.26 >> PHP 4.2.2 >> >> Robert >> >> >>----- Original Message ----- >>From: "Milan Reznicek" <[EMAIL PROTECTED]> >>To: "bmw" <[EMAIL PROTECTED]> >>Sent: Tuesday, August 20, 2002 7:17 PM >>Subject: Re: [PHP-DB] securing directory tree and allowing PHP to work
>> You could restrict autoindexing through apache's httpd.conf. >> >> Look it up in apache's manual. >> >> Milan This is not my personal web server. It is a remote ISP which provides PHP and MySQL support. I cannot control the HTTP or PHP server build configurations...They have autoindexing built into the Apache server. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.381 / Virus Database: 214 - Release Date: 02/08/2002 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php