php - Setting file permissions on a web server -


need bit of clarification on this.

i have folder in web server contain sensitive information no 1 should able read. script this:

makes folder 0777 permission , places image in folder

i have second script this:

pulls image specific folder, , shows user

however, right if user knew exact name of parent folder, can type in browser , see images contained in folder, like: www.testsite/test/images

what file permission can use instead of 0777, allow these 2 scripst write in , read in folder, without allowing view contents of folder when typing in browser?

if understand problem correctly, you're worried user typing in /test/images/ url bar, , seeing directory listing containing secret file.

setting chmod of 000 mean neither of scripts (nor you) able access folder.

in opinion, you'd far better off using .htaccess deny all. make cannot 'open' file in folder, though can still include them in php.

alternatively, may opt creating index.php in /images/ folder, , setting automatic redirect header('location: /'). way user wouldn't able see directory listing.

hope helps! :)


Comments

Popular posts from this blog

ZeroMQ on Windows, with Qt Creator -

unity3d - Unity SceneManager.LoadScene quits application -

python - Error while using APScheduler: 'NoneType' object has no attribute 'now' -