Originally Posted by till
Website files have to be uploaded to the "web" directory and thats possible with the ftp user. If you want to upload files by FTP that shall not be visible in the website, then they have to be uploaded into the private folder of the site.
That's not correct. Moderns frameworks like laravel, fuelphp or symfony example need to put some data outside the document root.
Is there a way to prevent this?
Thanks for support.