View Full Version : Apache + PHP
25th April 2005, 13:35
I found out that if I disable the PHP module in my Apache Apache delivers all PHP pages in plain text so that everyone can read secret information like database passwords, etc. I have enabled the PHP module again, and it's working fine, but what if the module fails for some reason? Is there a way to tell Apache to not deliver PHP pages at all if the PHP module is not available?
25th April 2005, 14:41
I had to set up a Wikimedia Wiki once, and it needs the same feature for certain directories for security reasons. I had to put the following lines in the virtual host container in my httpd.conf:
<Files ~ '.php$'>
Deny from all
Allow from none
<Files ~ '.phps'>
Allow from all
That's for Apche 1.3 and PHP4. If you use Apache 2.0, use
And don't forget to restart your Apache! ;)
vBulletin® v3.8.7, Copyright ©2000-2014, vBulletin Solutions, Inc.