Is it good to store files outside public_html?

I uploaded files like pictures, zip etc in outside of public_html. Can be potential vulnerability because I think passwords and other private information are there ?
Also on upload path I’ve added /home/username/foldername, I’ve tried with …/foldername but not works.

Probably this should go to another area of the forum because Community is more about fun stuff. The thing is, I don’t know exactly what you mean so if you could clarify that would be great

Thanks I’ve changed.
I stored pdf files which I’ve upload within article.So they goes to /home/username/pdf which is outside of public_html.Is it good to store files there ?

But you want people to see them and read them… Or at least I assume you do. You mention passwords… Do I also have to assume that these PDFs are password protected?

Yes people can download via link.I wanted to say host passwords where stored.

If it’s not in the public folder, the public won’t be able to access it.
You can store things like php includes or other data accessed by server-side scripting outside of the public folder and present it to the public via the script which is in public. But the public can’t have direct access to things outside of the public.

I recently created an Ajax Search Tutorial and the online demo showed database access login files. To prevent the public from viewing the login details they were saved in a file above the root. If the file existed the file was loaded and access details extracted otherwise about six Php constants had to be defined by the user when they downloaded the source files.

This [SOLVED] thread details how I could find the path above the root. from any folder beneath the root. This saved having to hard-code the above the root path every time the above the root folder was required.

Is there a simpler way to find the "AboveTheRoot" path?

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.