Re: [PHP] How do you keep your scripts secure?

Wed, 14 Mar 2001 18:11:22 -0800 

the much easier method is to change all your code extensions to be either parsed or 
forbidden in httpd.conf

    <Files *.egn>
        AllowOverride AuthConfig FileInfo Indexes Limit Options
        Order allow,deny
        Deny from all
    </Files>

or

    AddType application/x-httpd-php .inc .php .php3 .phtml .egn .wml

that will protect agains people typing the url in their broswer to get the code. to 
prevent people from ftp'ing in and getting others code, not just their own use 
protftpd, this will allow every user to have their own root dir.

        DefaultRoot             ~/wwwroot/

in the users home dir, ie. /home/lee make a symbolic link callred wwwroot to where 
ever you want their home ftp dir to be.

ln -s /home/httpd/vhosts/lee.com /home/lee/wwwroot

done.


-- 

 Chris Lee
 Mediawaveonline.com

 ph. 250.377.1095
 ph. 250.376.2690
 fx. 250.554.1120

 [EMAIL PROTECTED]




"Jack Dempsey" <[EMAIL PROTECTED]> wrote in message 
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Murph wrote:
> 
> Hi.
> 
> So, I've written all this nifty code and I'd like to do what I can from having it 
>pilfered.
> 
> What do you do to keep your stuff safe?
> 
> Murph
> 
> www.murphatnight.com
> __________________________________________________________________
> Brian Murphy - 193A Lowell St., Apt. 24 - Methuen, MA 01844 - (978) 725-6654

hey murph,

i have the same issue...the only thing i've found so far is the zend
encoder....cept it costs money...too much for me....so, if you're
worried about keeping others from looking at it on your server, i
suppose you could change perms...but then you'd have to make sure they
can still be accessed on the web....if you are selling them or putting
them on others servers, i really don't know what you can do....

jack

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to