PHP file security on webserver

前端 未结 1 1762
走了就别回头了
走了就别回头了 2021-02-10 16:55

I\'m slowly learning PHP, MySQL, along with some HTML, using localhost as my webserver. However, I\'m starting to wonder how my .php files are going to be secured if I put this

1条回答
  •  名媛妹妹
    2021-02-10 17:36

    Well, if you're using the .php extension, then Apache will serve up the parsed version -- echo and print will output but your variables won't.

    If you're still concerned there's a few ways of making your files more secure.

    • Apache aliasing is common -- it lets you have one directory act like it's another. In this case, you'd alias your PHP directory to some directory on your domain. If your file structure is /home/user/my_files/, you might alias my_files to be www.my-domain.com/files. The script would not be accessible there to the requests, but it would be accessible to something on the server.
    • Symbolic links or symlinks can accomplish the same as the above.
    • simply place the config files somewhere else and directly reference them. Generally not a good idea as it is hard-coding file locations, but it is an option.
    • the CodeIgniter method: in your index.php have define( 'IN_APPLICATION', 1 ); in your config files have if( !defined( 'IN_APPLICATION' ) ) die( 'No direct script access allowed' );

    0 讨论(0)
提交回复
热议问题