Asked 8 years ago
16 Oct 2016
Views 1152
sarah

sarah posted

how to prevent people to view some files like .ini or .txt in lamp server ?

Hi
actually i am old school and saved some config setting at .ini file and .txt file and now i want to secure it so people cant browse and see it .
right now if any one browse with www.myhost.com/config.ini at my site than they can see the content of the config file and

i want hack or something so .ini or .txt it cant be view able for the web client
you can suggest any type of solution which work by lamp so php or apache or any hack which can do and can improve the security any how .
why you not make php file like config.php for all config setting storage - Phpworker  
Oct 16 '16 07:19
ravi

ravi
answered Nov 30 '-1 00:00

use FileMatch to Deny access for all web users
put following code at httpd.conf at your Apache Server


<FilesMatch "^\config.ini">
    Order allow,deny
    Deny from all
    Satisfy All
</FilesMatch>


<FilesMatch "^\(filename to search in environment)">

suppose following line prevent the .htaccess and .htpasswd files from being viewed by Web clients.

<FilesMatch "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy All
</FilesMatch>


"^\.ht" search for all file which start from .ht and disable access for all web clients.so it .htaccess and .htpasswd files from being viewed by Web clients.
Post Answer