Bert-Jan wrote: > I've implemented it in an easier way (very much easier if you run a lot of > symfony-based websites on a server): Simply deny access to your *_dev.php > files in the configuration of apache. It does it the same way for .ht* > files. With deny from all, allow from<your ip> you can disable access > server-wide without changing any code. >
As I said earlier in the thread - I think the method provided out of the box needs to 'just work'. If you're running IIS, or any other web server, the solution should still work. Having said that.... What are peoples thoughts on having IP restricted / htpasswd restricted stuff in the default .htaccess, but commented out. Also, how about an extra .htaccess in the project root that will protect access to files should people set the web root as the project root, rather then 'web'? If we're doing that, should there be an index.php in the project root that automatically redirects to 'web' ? That doesn't protect against anything though really, it just 'hides' things a little better. I don't like all the ideas above, but I'm throwing them out there anyway - lets see what we come up with! --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en -~----------~----~----~----~------~----~------~--~---
