"Outside" would be in '/var/www/secure' in your case. Or any other place your scripts have access to, save under '/var/www/html/'.
HTH, Stas ----- Original Message ----- From: "Andre Dubuc" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, August 21, 2002 1:11 PM Subject: [PHP] Simple Security Clarification > In another thread [How do you protect individual files], Justin French stated: > > "In real short, you want to store the files outside your htdocs root (so they > can't be served by http) . . ." > > My PHP setup serves files from DOCUMENT_ROOT=/var/www/html. If I place files > in '/var/www/html/secure' would this provide any isolation for file access? > Am I correct in thinking that 'below' is not the same as 'outside' doc_root, > and that i this case, no protection would be afforded? > > Tia, > Andre > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php