Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

protecting php files

Status
Not open for further replies.
neonep

neonep

Programmer
Jun 26, 2003
34
0
0
hi all,

I have a public_html directory on my account in a server. There are other users on the server too. public_html being chmod'ed to 777 can be accessed by any other users too. I have some php files in the public_html directory, which are chmod'ed to 777 too to be able to execute them from a webpage. Obviously people won't be able to see my php code from the webpage but other users having access to the server might just cd into my public_html directory and view all my files because they are chmod'ed to 777. Is there anyway to prevent others from actually seeing what my code looks like even though they should be able to execute the php through a web browser? The php code basically reads and writes off a database. I tried changing permissions of the php files to 711 and I couldn't view them from the webpage. Please suggest.
 
Sort by date Sort by votes
I'm not familar with all of the linux/unix shells but if your server is set to use bash them you could contact your provide and see if they could implement the below

in each users directory there would be a profile file(/home/username/.bash_profile)
add this line to the (/etc/skel/.bash_profile) file
this ensures that any new users that are created on the system will have this added to there profile file
\/ line to add to users profile file
chroot $HOME

but then the annoying part they would have to add this to each users profile file - I'm sure they could come up with a script that would do it pretty quick - but it is their servers so they may not what to take the time to do this
if not you may just want to find one that will

(by the way this post belongs in the linux/unix server section - not the php section)

%, 2004

 
Upvote 0 Downvote
also you need your php files to be chmod 755 not 777
this means that any one can read & execute the files and only the owner can modify the files

if you have them set to 777 then that means that anyone on the system can modify them

%, 2004

 
Upvote 0 Downvote
Upvote 0 Downvote
I don't think the sysadmins will be willing to do that. And I understand that 755 will make it so that one can read and execute but I basically don't want anyone other than me to read or write to it, but all should be able to execute it. Is there anything I can do as a temporary solution?

Also, like you suggested I will start a new thread in the linux/unix server section. Thanks.
 
Upvote 0 Downvote
What about .htaccess and redirecting? I don't know much about them but I've heard people say they use it to protect there stuff. Try doing a search on this or the Apache forum for more info.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SashaBuilder3
  • Locked
  • Question
import CSV file into MySql table in PhpMyAdmin
Replies
0
Views
116
SashaBuilder3
SashaBuilder3
PeDa
  • Locked
  • Question
Unwanted spaces in php HTML mail 1
Replies
4
Views
106
PeDa
PeDa
Mandy_crw
  • Locked
  • Question
How to send sms in PHP using usb gsm modem?
Replies
1
Views
119
vishvajit
vishvajit
lflynnlrf
  • Locked
  • Question
wordpress/ shortcode/ PHP duplicating code
Replies
1
Views
66
spamjim
spamjim
cmayo
  • Locked
  • Question
Is PHP/PEAR MDB2 dead? Which PHP abstraction layer should I use?
Replies
1
Views
51
spamjim
spamjim

Part and Inventory Search

Sponsor

Back
Top