How to protect php and folder files from unauthorized access?
Question
- I want to block direct access to different php files (by writing let's say
http://testpage.com/login_verif.php), for example the login verification one (that authentificates users). - Is it possible for an user to access the
config.phpfile that connects him to the mysql database (and has the password written in it)? - Also, how can you configure your
uploadsfolder, so that an user can only see the image for which he has the URL?
1 answers
solution1
0 ACCPTED 2019-07-23 20:50:42
- Exit the file if there is no data POSTed to the file, and/or place the file in a more controlled area .
- You should not have a config.php file - they are very much not safe, but instead environment variables .
- You may look into rewriting to disallow direct access , but allow referencing on the domain.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Protect PHP Scripts from unauthorized access
Protect folder from remote access in PHP
How to protect a CKEditor file upload PHP script against unauthorized access?
How to protect purely html page from unauthorized access?
Protect php files from direct access
how to protect deleting files from other folder
How to protect my image and file folder from direct access using url in PHP?
How can I protect files in a folder in a PHP site?
How to protect a public image upload folder from manipulation/direct access
Codeigniter : Protect folder from direct access
Related Tags