View previous topic :: View next topic |
Author |
Message |
jscjso -
Joined: 27 May 2008 Posts: 15
|
Posted: Mon Jun 16, 2008 9:21 pm Post subject: website subdirectory protection |
|
|
My main directory of my website has pl and html files. When visitors run some of these files. The profile of the visitors are stored in txt file in a subdirectory.
How can I set up a security scheme to allow the execution of my web script to access, add, and modify the txt file in the subdirectory while blocking visitors to view the content of the txt file? Visitors can type the full path with filename of the txt file, the content will show up on the browser screen, I want to block this.
Is there a way to set in Abyss?
I tried from the Vista side to set the security. If you 'deny' the user on the subdiretory. The web script cannot access the txt file neither. |
|
Back to top |
|
|
rrinc -
Joined: 24 Feb 2006 Posts: 725 Location: Arkansas, USA
|
Posted: Mon Jun 16, 2008 10:13 pm Post subject: |
|
|
Use Access Control and block /name-of-file.txt _________________ -Blake | New Server :D
SaveTheInternet
Soy hispanohablante. Puedes contactarme por mensajes privados. |
|
Back to top |
|
|
pkSML -
Joined: 29 May 2006 Posts: 952 Location: Michigan, USA
|
|
Back to top |
|
|
DonQuichote -
Joined: 24 Dec 2006 Posts: 68 Location: The Netherlands
|
Posted: Sun Jun 22, 2008 9:29 pm Post subject: Why inside the web root? |
|
|
Is there any reason the files are stored within the web root? It is much safer to store anything that does not need to be called by a browser outside it. |
|
Back to top |
|
|
abyssisthebest -
Joined: 30 Jun 2005 Posts: 319 Location: Boston, UK
|
Posted: Wed Jun 25, 2008 7:32 am Post subject: |
|
|
The files could be part of a 'members only' area, meaning he only wants 'allowed' users to have access to the files.
But yes, things like cache files are more secure stored outside of the website directory. _________________ My online Portfolio |
|
Back to top |
|
|
|