If you can't store stuff ABOVE your doc root, you can protect them with a
.htaccess file.
I use this to refuse all *.inc files from being served:
<Files ~ "\.inc$">
Order Allow,Deny
Deny from all
</Files>
With this in mind, a quick visit to the Apache site should get you started
in the right direction.
Justin French
on 21/08/02 10:11 PM, Andre Dubuc ([EMAIL PROTECTED]) wrote:
> In another thread [How do you protect individual files], Justin French stated:
>
> "In real short, you want to store the files outside your htdocs root (so they
> can't be served by http) . . ."
>
> My PHP setup serves files from DOCUMENT_ROOT=/var/www/html. If I place files
> in '/var/www/html/secure' would this provide any isolation for file access?
> Am I correct in thinking that 'below' is not the same as 'outside' doc_root,
> and that i this case, no protection would be afforded?
>
> Tia,
> Andre
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
