PHP file security on webserver

前端 未结 4 1545
北恋
北恋 2021-02-10 17:16

I\'m slowly learning PHP, MySQL, along with some HTML, using localhost as my webserver. However, I\'m starting to wonder how my .php files are going to be secured if I put this

4条回答
  •  攒了一身酷
    2021-02-10 17:26

    Well, if you're using the .php extension, then Apache will serve up the parsed version -- echo and print will output but your variables won't.

    If you're still concerned there's a few ways of making your files more secure.

    • Apache aliasing is common -- it lets you have one directory act like it's another. In this case, you'd alias your PHP directory to some directory on your domain. If your file structure is /home/user/my_files/, you might alias my_files to be www.my-domain.com/files. The script would not be accessible there to the requests, but it would be accessible to something on the server.
    • Symbolic links or symlinks can accomplish the same as the above.
    • simply place the config files somewhere else and directly reference them. Generally not a good idea as it is hard-coding file locations, but it is an option.
    • the CodeIgniter method: in your index.php have define( 'IN_APPLICATION', 1 ); in your config files have if( !defined( 'IN_APPLICATION' ) ) die( 'No direct script access allowed' );

提交回复
热议问题