Reputation: 1
text file permissions to restrict browser access
I've created a log file that is updated whenever someone logs to my webpage. Whether the logging was successful or not. This log has some sensitive information, like unsuccessful password attempts, which most of the time would be close to the correct password. So I don't want someone to go to www.mysite.com/log.txt and find all of this information.
So is there anyway I can modify the permissions of this txt file and make it accessible only from the php page where it writes to it, and of course only through FTP? Meaning is there a way to restrict access to this txt file from the browser while allowing writing to it from a neighboring php file?
P.S. I've already created a random name for the text file to make it difficult to guess from the browser, but I just want a more secure approach.
Thanks in advance for help.
Upvotes: 0
Views: 387
Answers (1)
Reputation: 14921
If you want to put the file in your web root, create a separate folder and put the file in it, next create a .htaccess file and fill it with the following code:
<Limit GET POST>
order deny,allow
deny from all
allow from 127.0.0.1
</Limit>
Upvotes: 3
Related Questions
- Proper permissions, ownership to allow php to parse contents of file but disallow access from web browser
- Restricting direct access to php file
- How to restrict access to content on a website?
- What permission do I set for a file/folder allow read from PHP but not from browser?
- restrict access on file with php in apache
- How to deny the web access to txt file?
- How to hide a .php, .html or .text file from an external web user
- Securing a text file in a website folder
- How to restrict access to a PHP file?
- PHP only allow server to access a PHP file