I am currently developing PUBLIC and OPEN SOURCE software using PHP/MySQL. I have a couple of important SECRET TXT files in a folder. I use them in the software, but the problem is that they are also readable by anyone who knows the folder and file names:
secret_folder \ my_data.txt
I need to hide them against everyone who might be trying to get secret data without permission. I found this way (keeping all secret folders under a unique folder):
U3IPpe8J_2573HkBfR0iYteH8X \ secret_folder \ my_data.txt
The unique key will be changing for each website (remember that the software will be open source and public).
Is it good enough for security, or should I use HTACCESS as well? If yes, how can I use it; or do you have any better idea?
Remember, Security Through Obscurity Is Not Security. So no, it’s not good enough.
Add a deny rule in .htaccess for the secret_folder and be done.

So, your .htaccess would include:

Even better still would be to move secret_folder above the web root (so it’s not served at all).

That way it’s literally impossible for anyone to request my_data.txt through Apache (they could if they hacked PHP code, but not directly through the web server).
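
One way to write the deny rule described in the answer above, as an added example (it is not the answerer's original snippet, which is missing from this page). It assumes the file is saved as .htaccess inside secret_folder and covers both Apache 2.4 and 2.2 syntax:

```apache
# secret_folder/.htaccess  (added example, not from the original answer)
#
# This file only takes effect if the main server config permits overrides
# for this directory:
#   AllowOverride AuthConfig   (needed for Require, Apache 2.4)
#   AllowOverride Limit        (needed for Order/Deny, Apache 2.2)
# With "AllowOverride None" the file is ignored and my_data.txt stays
# readable over HTTP.
#
# These rules block HTTP requests only. PHP still reads the files through
# the filesystem, so the software keeps working.

# Apache 2.4 and later (mod_authz_core)
<IfModule mod_authz_core.c>
    Require all denied
</IfModule>

# Apache 2.2 (no mod_authz_core)
<IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
</IfModule>
```

After deploying, request my_data.txt by its URL and confirm the server answers 403 Forbidden; a 200 response means the override is not being applied.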