What level of security will this provide?

dlgilbert

I'm writing an application that puts data files in a specific directory. Assuming the directory is NOT outside the web tree, would it provide an adequate level of security to put an .htaccess file in the data directory with "Deny from all" in it? There are no "web page" files in the data directory, just files that will be accessed by the application scripts.

Thanks for your help!

steveryan

is there a specific reason why you can't do that?

dlgilbert

I'm just starting the development of this script, so the only reason I have it inside the web tree is for simplicity of my own use during development. I had considered having it there on completion to make the installation of the script dead simple (copy the files, chmod 1 thing, done).

It's not that I can't put it outside the web tree. I was just looking for an option and wasn't sure how much real security the .htaccess file would provide. I'd seen it done before with another app and was intrigued. :-)