Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I have a site and I want to create a log.txt file which includes all user logs.For example a user logged in anytime and logged out. That is to say,time which users logged in and out. I can make this with database but there would many rows and I don’t want it. If I put log.txt file to /logs/log.txt,any user who writes domain.com/log/log.txt to address bar will see that file. How can I prevent this. (I use PHP)
It’s true that you can hide files from website visitors using
.htaccess, or by putting similar rules in other Apache configuration locations. But this kind of thing is not trivial, and it’s easy to make mistakes. The best way to hide files from site visitors is through the directory structure of your project. For instance:www/to contain all files website visitors DO need to visit directly with a browser. This will the the directory used as we website root in your Apache configuration. If browsers don’t need to fetch a file, it should not be here.logs/for logs,lib/for source code that gets included in your scripts,config/for settings and configuration files, etc. Since they’re not inside of the website root (www/), users cannot point their browsers at any of these files.If you’re on shared hosting, and they only give you one folder that is your website root, then you can’t do this. I wouldn’t purchase a hosting account from such a company, though, because there are plenty that DO let you put files outside your web root.