security - web site access control PHP -


i want protect large class.php files on site. site runs on iis (godaddy); use web.config files;

question:

if page users viewing require('class.php'), can class.php file restricted server scripting? or file need in folder accessible. same db.php file containing database password.

edit

if make page on desktop link index.php file , right click , save have php file. can open ans see requires clss.php. can repeat , class.php file. want prevent

end of edit

so php processor have access file not users try download them.

if possible rule add in web.config file?

thank you!

a simple way define constant in first file, in class.php can exit if it's not defined. put first line, , ensure not called entry point.

or, place class.php outside of web root.


Comments

Popular posts from this blog

get url and add instance to a model with prefilled foreign key :django admin -

css - Make div keyboard-scrollable in jQuery Mobile? -

ruby on rails - Seeing duplicate requests handled with Unicorn -