If you can't store stuff ABOVE your doc root, you can protect them with a .htaccess file.
I use this to refuse all *.inc files from being served: <Files ~ "\.inc$"> Order Allow,Deny Deny from all </Files> With this in mind, a quick visit to the Apache site should get you started in the right direction. Justin French on 21/08/02 10:11 PM, Andre Dubuc ([EMAIL PROTECTED]) wrote: > In another thread [How do you protect individual files], Justin French stated: > > "In real short, you want to store the files outside your htdocs root (so they > can't be served by http) . . ." > > My PHP setup serves files from DOCUMENT_ROOT=/var/www/html. If I place files > in '/var/www/html/secure' would this provide any isolation for file access? > Am I correct in thinking that 'below' is not the same as 'outside' doc_root, > and that i this case, no protection would be afforded? > > Tia, > Andre > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php