.htaccess

Kold

Hello.

This problem isnt strictly about PHP (but I will be able to fit the magical 3 letters in occasionally 😃 )

I have a PHP script that reads to contents of a file, and displays them on screen. The problem I have is that I dont want it anyone pointing their browser directly at the files directory and be able to read all of them. I need something like an 'Unauthourised Access' screen, even when they get the URL correct.

I have found 2 possibilities;
- CHMOD the folder (my windows windows test server doesnt support this, so I didnt look into it)
- .htaccess this looks like it could help, but there are so many different things to look at I'm not sure where to begin :queasy: I have tried a few things (.htpassword) but I havent yet been sucessfull.

If .htaccess is the way forwards, then could someone please say something relevant that I can stick in google and work it out?

Thank you 🙂
K.

devinemke

3 suggestions (2 of which you already thought of)

CHMOD the file to 600
hide the file behind htaccess password protection
store the file outside of the document root

option #3 is probably the simplest and certainly the most secure

Kold

Thanks!