#1  
Old 25th April 2005, 12:35
lola lola is offline
Junior Member
 
Join Date: Apr 2005
Posts: 7
Thanks: 0
Thanked 2 Times in 2 Posts
Default Apache + PHP

I found out that if I disable the PHP module in my Apache Apache delivers all PHP pages in plain text so that everyone can read secret information like database passwords, etc. I have enabled the PHP module again, and it's working fine, but what if the module fails for some reason? Is there a way to tell Apache to not deliver PHP pages at all if the PHP module is not available?

lola
Reply With Quote
Sponsored Links
  #2  
Old 25th April 2005, 13:41
jojo jojo is offline
Junior Member
 
Join Date: Apr 2005
Posts: 15
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

I had to set up a Wikimedia Wiki once, and it needs the same feature for certain directories for security reasons. I had to put the following lines in the virtual host container in my httpd.conf:

Code:
<IfModule !mod_php4.c>
    <Files ~ '.php$'>
        Order allow,deny
        Deny from all
        Allow from none
    </Files>
    <Files ~ '.phps'>
        Order deny,allow
        Allow from all
    </Files>
</IfModule>
That's for Apche 1.3 and PHP4. If you use Apache 2.0, use

Code:
<IfModule !sapi_apache2.c>
instead of

Code:
<IfModule !mod_php4.c>
And don't forget to restart your Apache!

jojo
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 18:34.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.