The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
#1
06-23-2005, 04:37 PM
|
|||
|
|||
Security: Denying direct access to files
I'd like to deny access to the include files - I know that vB tries to do this , but I'd like to do it explicitly. Other than /include/ , are there any dirs that can be denied?
|
|
#3
06-23-2005, 07:10 PM
|
|||
|
|||
|
Lol, denying clientscript, will make the board not function anymore i guess.
|
|
#4
06-23-2005, 07:12 PM
|
||||
|
||||
|
Quote:
Serriously though.. the includes directiory doesn't contain anything that can harm your board from direct web access.
|
|
#5
06-23-2005, 07:21 PM
|
|||
|
|||
|
well a good way to prevent a file from being called by itsel:
I believe this would work: Code:
if (eregi("filename.php",$_SERVER['PHP_SELF'])) {
header("Location:http://www.misite.com");
exit;
}
|
|
#8
06-24-2005, 06:38 AM
|
|||
|
|||
|
All scripts that are not ment to be called directly, are already "protected" against starting them directly, or at least protected from performing any actions.
|
|
#9
06-24-2005, 11:40 AM
|
|||
|
|||
|
The easy way to do this:
<Files *.php> Order allow,deny Deny from all </Files> <Files *.extension1> Order allow,deny Deny from all </Files> <Files *.anotherextension> Order allow,deny Deny from all </Files> Put this into .htaccess of every folder you want to protect.
|
|
#10
06-24-2005, 12:58 PM
|
||||
|
||||
|
You know what I meant
 I mean users cannot harm the board by accessing them directly I misunderstood what he was asking and thought he wanted to know what directories were protected from damaging the board by users typing the url in Satan
|
 |
«
Previous Thread
|
Next Thread
»
Linear Mode
|
|
All times are GMT. The time now is 08:36 AM.