Download php files

Anon

Hello there.

I have a question for security.
Is there any ways for someone to download php files from my server ? I know it cannot do that with a brouser, but may be thats is possible for any programs. Am I right ? I have no idea.

mano
Bulgaria

Anon

I thought about this myself, I was worried someone could get passwords and things like that.

1) Use CHMOD 700 for all your files.

2) I use the include command and have the php files in another location (behind the www directory).

My actual file on the www directory looks something like:

include "/php/mainpage.php";

That's it. That's the code for index.php

the 'mainpage.php' file has all the real code and is WAY back in the server. This makes it difficult for a hacker to see it.

If your hosting a site and they won't let you do this, then create a directory and CHMOD is so NOONE but you can get in, then get the files from there as an include command.

Anon

Thanks a lot.

mano

Anon

which programs are able to do this?