------=_NextPart_000_0010_01C54FEF.0BC0F420
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hi,

I would want to know how you secure the sensitive data into www =
directory, for example the username and password of a database =
connection. You use .htaccess or put the data outside of the www =
directory or if exists another tenchniques?

Thanks
------=_NextPart_000_0010_01C54FEF.0BC0F420
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2800.1498" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Hi,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I would want to know how you secure the =
sensitive
data into www directory, for example the username and password of a =
database
connection. You use .htaccess or put the data outside of the www =
directory or if
exists another tenchniques?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Thanks</FONT></DIV></BODY></HTML>

------=_NextPart_000_0010_01C54FEF.0BC0F420--

Efren Bravo wrote:
> Hi,
>
> I would want to know how you secure the sensitive data into www
> directory, for example the username and password of a database
> connection. You use .htaccess or put the data outside of the www
> directory or if exists another tenchniques?
>
> Thanks

THis entirely depends on the functino which connects to a database. In
PHP, I have some .inc files that I keep outside of the www root that
contain my database information and such, so that only the file being
run can access this include file.

Is this what you're looking for?

Thanks
-dant

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
" from the digest: users-digest-unsubscribe [at] httpd.apache.org
For additional commands, e-mail: users-help [at] httpd.apache.org

I usually name all of my php includes as *.inc and add

<Files ~ "\.inc$">
Order allow,deny
Deny from all
Satisfy All
</Files>

to httpd.conf. This keeps them from being served and works extremely well.

On 5/3/05, dan <info [at] hostinthebox.net> wrote:
> Efren Bravo wrote:
> > Hi,
> >
> > I would want to know how you secure the sensitive data into www
> > directory, for example the username and password of a database
> > connection. You use .htaccess or put the data outside of the www
> > directory or if exists another tenchniques?
> >
> > Thanks
>
> THis entirely depends on the functino which connects to a database. In
> PHP, I have some .inc files that I keep outside of the www root that
> contain my database information and such, so that only the file being
> run can access this include file.
>
> Is this what you're looking for?
>
> Thanks
> -dant
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project=
..
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
> " from the digest: users-digest-unsubscribe [at] httpd.apache.org
> For additional commands, e-mail: users-help [at] httpd.apache.org
>
>

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
" from the digest: users-digest-unsubscribe [at] httpd.apache.org
For additional commands, e-mail: users-help [at] httpd.apache.org