Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I’ve been researching about webapp security for a few days now and I came across a suggestion. Hide php,js,css etc by using different file name extensions. How much does that actually help security wise? Is it worth doing or not? Thank you!
“Security by obscurity” is probably the weakest form of security.
It’s debatable that it may be even less secure than no security, due to giving a false sense of security.
Specific to web development, there is no point in hiding your client js and css files. Those files are rendered by the browser, and anyone who views the page can view them.
Also by renaming your php files, you might circumvent any light security your webhosting has enabled for protecting viewing of those files.