SitePoint Sponsor

User Tag List

Results 1 to 7 of 7

Thread: Hiding Stuff

  1. #1
    SitePoint Evangelist
    Join Date
    Mar 2011
    Location
    Bellingham, WA
    Posts
    450
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    Hiding Stuff

    Hello!

    I'd love to know all of my options to hide things on the server.

    Right now I know how to

    1) Restrict access on pages
    2) Use .htaccess to not allow access to anything in a folder.

    I'd also like (if possible):

    a) Customize my .htaccess so that only certain files are not allowed to be touched within a folder
    b) Use php to safely hide sensitive material on a webpage (such as passwords)

    Thanks so much,

    Eric

  2. #2
    . shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    If it is sensitive it doesn't belong on a public web server. If it needs to be hidden it should not be on a public web server. etc etc. You should think about what you are putting up. Does it need to be there? Should it be there? Why is it there?
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.


  3. #3
    SitePoint Evangelist
    Join Date
    Mar 2011
    Location
    Bellingham, WA
    Posts
    450
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Thanks for the quick response!

    Basically, I need a place to store my config information (database passwords) so that my site can access them as it retrieves info from the database. This is my first time creating such a site, so any security help would be appreciated. In particular, can you clarify "shouldn't be on a public server"? I guess I'm not sure what the difference is between a "public" server and my "remote" server.

    Thanks for help with such noobish questions

  4. #4
    . shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    A public server is one that is accessible via the internet, public anyone can reach it. As for configuration it should be outside of the folder where the web server reads your files. For example should not be in "public_html" or "www" or how ever it is named.
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.


  5. #5
    SitePoint Evangelist
    Join Date
    Mar 2011
    Location
    Bellingham, WA
    Posts
    450
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Thanks, that makes sense!

    One last thing, it is true that some hosts don't let you put anything outside of public_html folder? I feel like I've read this somewhere. And, if that's true, do you recommend getting a different host?

  6. #6
    . shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    If you cannot access anything outside of the web root then yes get a new host. You should also inform them they are creating several security issues by not allowing that.
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.


  7. #7
    SitePoint Evangelist
    Join Date
    Mar 2011
    Location
    Bellingham, WA
    Posts
    450
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Muchly appreciated advice!

    -Eric


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •