[FX.php List] Web Root Directory - clarifying exactly *which*
folder?
Tim 'Webko' Booth
tim at nicheit.com.au
Thu Oct 16 16:40:53 MDT 2008
>>>
>>>
>>> I know it's a good idea to keep passwords etc out of the web "root
>>> directory" so no one can access them via the Web. I generally err
>>> on
>>> the side of caution but am curious about exactly *which* folder
>>> that is.
Actually, why is this the case?
Now, let's say I have a config file at a known web address - when you
load that file, as it is all inside php tags, nothing shows up via the
web... and if your machine is compromised enough for people to be able
to see the raw file (pre-processing), then it's probably compromised
enough for people to see other places as well...
Happy to be enlightened on this though...
Webko
More information about the FX.php_List
mailing list