I have set my Apache to deny any access to root directory but PHP script are still allowed to include/require files from any dir.
Should something be changed in PHP settings?
Radzio wrote:I have set my Apache to deny any access to root directory but PHP script are still allowed to include/require files from any dir.
Radzio wrote:Should something be changed in PHP settings?
Nobbie wrote:Read about "safe_mode" and "open_basedir" restriction if it is satisfactory to your needs.
Nobbie wrote:Yes of course, a HTTP request and a simple file-open are very very different things.
Radzio wrote:So one last question: do all directory access restrictions I made in httpd.conf apply only to HTTP requests?
Users browsing this forum: No registered users and 81 guests