|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
03-25-2012, 10:40 AM
|
#1 |
|
So Fucking Banned
Industry Role:
Join Date: Feb 2005
Posts: 1,225
|
Php/Apache Ip Security
Say I am limiting my includes folder to the localhost like so:
<Directory "/includes"> Order allow,deny Allow from 192.168.1.0/24 Allow from 127 </Directory> Would this prevent a php script from including a file in that directory for a web server request? |
|
|
|
03-25-2012, 11:23 AM
|
#2 |
|
Totally Borked
Industry Role:
Join Date: Feb 2005
Posts: 6,284
|
Nope - php includes don't look at htaccess or any apache directives, since they are file-based. Same goes for php command line script execution.
__________________
 For coding work - hit me up on andy // borkedcoder // com (consider figuring out the email as test #1) All models are wrong, but some are useful. George E.P. Box. p202 |
|
|
|
|
03-25-2012, 11:30 AM
|
#3 |
|
Damn Right I Kiss Ass!
Industry Role:
Join Date: Dec 2003
Location: Cowtown, USA
Posts: 32,303
|
You are h4x0r3d bitch!
|
|
|
|
|
03-25-2012, 11:46 AM
|
#4 |
|
So Fucking Banned
Industry Role:
Join Date: Feb 2005
Posts: 1,225
|
V_RocKs - Preemptive , borked - presumed, thanks.
 |
|
|
|
|
03-25-2012, 11:56 AM
|
#5 |
Industry Role:
Join Date: Aug 2006
Location: Little Vienna
Posts: 32,234
|
Lulz at your question :D
__________________
For GFY administration inquiries- email info at gfy.com or send PM. For advertising inquiries - email marketing at gfy.com Inquiries which are not related to administration or advertising on GFY wont be processed. |
|
|
|
|
03-25-2012, 12:54 PM
|
#6 |
|
frc
Industry Role:
Join Date: Jul 2003
Location: Bitcoin wallet
Posts: 4,663
|
Unless you use php URL include http://, then it will go through apache and respect htaccess
__________________
Crazy fast VPS for $10 a month. Try with $20 free credit |
|
|
|
|
03-25-2012, 06:24 PM
|
#7 |
|
So Fucking Banned
Industry Role:
Join Date: Feb 2005
Posts: 1,225
|
It's to narrow attack vectors somewhat. Namely to prevent scanning, or bypassing the flow. Way I figure it, I will not have to regard whole directories as exposed, but more simply as referenced.
|
|
|
|
