1: Manage Installation scripts
If a developer has installed a PHP script for a third-party application, the script is used to install the entire application's working component and provide an access point. Most third-party packages recommend that you remove the installation scripts that are included in the directory after installation. But developers want to keep the installation scripts, and they can create a. htaccess file to control access to the directory.
AuthType Basic AuthName "Administrators only" Authuserfile/usr/local/apache/passwd/passwords Require Valid-user |
Any unauthorized user who tries to access a protected directory will see a prompt asking for a user name and password. The password must match the password in the specified "passwords" file.
2: Header File
In many cases, developers can include several scripts that are distributed in the application into a single script. These scripts will contain an "include" directive that integrates a single file into the code of the original page. When an "include" file contains sensitive information, including the user name, password, and database access key, the file extension should be named ". php" instead of the typical ". Inc" extension. The ". PHP" extension ensures that the PHP engine will process the file and prevent any unauthorized access.
http://www.bkjia.com/PHPjc/445674.html www.bkjia.com true http://www.bkjia.com/PHPjc/445674.html techarticle For years, PHP has been a stable, inexpensive platform for running web-based applications. Like most web-based platforms, PHP is vulnerable to external attacks. Developer 、...
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
