Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am doing some rearrangements with my files, and I have a folder called PScripts that is reserved for system calls that I call upon to process internal server actions.
I need that folder to be out of reach of the sophisticated user and there should be no access to it. only for the system itself.
So, putting the folder inside htdocs should be ok, or should it be put somewhere else ?
Place it outside the document root.
When it’s placed inside
htdocs, its access can be restricted via.htaccess. However, this does not protect the files from being a victim of typos of the site maintainer.I have seen a case where PHP files (including hard-coded passwords) were exposed to the public, due to a crash or misconfiguration of the server.