Php/Apache Ip Security
Say I am limiting my includes folder to the localhost like so:
<Directory "/includes"> Order allow,deny Allow from 192.168.1.0/24 Allow from 127 </Directory> Would this prevent a php script from including a file in that directory for a web server request? |
Nope - php includes don't look at htaccess or any apache directives, since they are file-based. Same goes for php command line script execution.
|
You are h4x0r3d bitch!
|
V_RocKs - Preemptive , borked - presumed, thanks. :thumbsup
|
Lulz at your question :D
|
Unless you use php URL include http://, then it will go through apache and respect htaccess
|
It's to narrow attack vectors somewhat. Namely to prevent scanning, or bypassing the flow. Way I figure it, I will not have to regard whole directories as exposed, but more simply as referenced.
|
All times are GMT -7. The time now is 03:18 AM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc