Protecting XML config files

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Project Manager
    Confirmed User
    • Jun 2004
    • 162

    #1

    Protecting XML config files

    How can I protect xml config files from viewing by the user, yet allow my script to read it?

    if in .htaccess I deny .xml, then the script can't read it...

    Any solution to this?
  • lacuna
    Confirmed User
    • Mar 2006
    • 1950

    #2
    Put it outside your web directory, access it via path.

    2257 Third-Party Custodian of Records Services
    Designed by an attorney to be DOJ compliant
    Only $1 per record

    Comment

    • SilentSound
      Confirmed User
      • Mar 2009
      • 287

      #3
      ...if you put it in .htaccess, the script will be able to read it. htaccess controls files served by apache to the OUTSIDE world - if your script is on the same machine with the right permissions you will be able to read it.
      Last edited by SilentSound; 05-27-2009, 02:06 AM. Reason: typo

      Comment

      • sysk
        Confirmed User
        • Aug 2007
        • 1005

        #4
        How are you reading the XML file? .htaccess shouldn't block you from reading it unless you use a URL to open it. Use the local path instead.
        icq: 612510168 / email: [email protected] / php ninja 4 hire

        Comment

        Working...