> the much easier method is to change all your code extensions to be either
parsed or forbidden in httpd.conf
>
> <Files *.egn>
> AllowOverride AuthConfig FileInfo Indexes Limit Options
> Order allow,deny
> Deny from all
> </Files>
>
> or
>
> AddType application/x-httpd-php .inc .php .php3 .phtml .egn .wml
>
> that will protect agains people typing the url in their broswer to get the
code. to prevent people from ftp'ing in and getting others code, not just
their own use protftpd, this will allow every user to have their own root
dir.
>
> DefaultRoot ~/wwwroot/
>
> in the users home dir, ie. /home/lee make a symbolic link callred wwwroot
to where ever you want their home ftp dir to be.
>
> ln -s /home/httpd/vhosts/lee.com /home/lee/wwwroot
---
Hi, Chris. Thanks for the thoughtful response - as always.
I buy hosting service (from Hostway.com, BTW. Great company; I'm a very
satisfied customer.) so much of this isn't an option for me.
What do you mean when you say "people typing the url in their browser to get
the code?" I use MSIE and to get any of my web pages to show up on the
Internet, I always have to type a url into my browser but I never see any
code.
I've seen other people say the same thing about people typing a url and
getting code but I'm afraid I don't quite understand.
Let's say I have some include file somewhere. Do you mean that if someone
knew the name of the include file, they could type that path and file name
and the code would display?
I've never seen that happen so it might be safe to assume that my service is
configured properly, right? Although I know you're going to say, "Murphy,
ask them to be sure."
Thanks for the help.
Murph
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
