My main files are located in /var/www/html (the 'DOCUMENT_ROOT' in Apache, 
according to php.ini). All sensitive files have been moved to 
'/var/www/secure', but now I can't access them! (According to php.ini, the 
PHP core 'doc_root=none').

I'm totally confused. If I understand this correctly, I want the files in 
'/var/www/secure' to be served through php scripts that reside in the 
individual files that call them up in /var/www/html. So, the problem seems to 
be that either Apache or PHP doesn't know/can't access them. So, what am I 
doing wrong here?

I've also added a <FILes ~"\.sht$"> directive to refuse all .sht files 
(they're .inc's). How do get access for php to the secure file directory, and 
exclude the hackers?

At this point, I'm about as confused as I've ever been since beginning PHP. 
Any clarifications that will guide back into the fold, will be greatly 


PHP General Mailing List (
To unsubscribe, visit:

Reply via email to