Includes

adh32 · March 25, 2011, 12:08am

I just read a comment in another thread which stated that server-side includes should be stored in a directory that is outside of the public part of the directory structure. I didn’t want to jump in on someone else’s thread and a search found nothing, so I have a few questions about that.

What benefits does it bring? Surely what amounts to HTML snippets are not of any interest or at any risk?

If it is worthwhile, how would I do it? How do I work out if the directory structure is suitable and whether the host will allow it? How do I write the includes to access such a directory?

Mittineague · March 27, 2011, 3:35am

I think it was mentioned in the other thread, but it doesn’'t mean every file you “include” eg. header.tpl.php and footer.tpl.php should be OK wherever.

But if the PHP pasrser crashes and a .php file is requested, it will be served as plain text.

So things like passwords.php, databaseloginfo.php etc. are best kept outside of the public root.

You can also put media or other files outside the root and have a public file fetch them when and if certain text conditions are met.

Topic		Replies	Views
PHP Includes help PHP	3	739	October 18, 2014
Is it good to store files outside public_html? Server Config	7	8693	April 1, 2016
Hiding Stuff Server Config security	6	657	May 30, 2011
Where to put include? Server Config	6	589	October 8, 2014
Where Do I put uploaded website files Hosting	2	1189	November 18, 2023

Includes

Related topics