Reputation: 44066
PHP file permissions
I just launched an ec2 server and put all the php code on the server and I need to change the permissions so that a user cant go to the site like http:example.com/admin and see the list of php files....Do I need to change the permissions on the entire folder or each file or is there a recursive -R command that will work ...I think they are all currently 777 ...which is bad
Upvotes: 1
Views: 262
Answers (3)
Reputation: 1
Try inserting this PHP code:
<?php
if ($_SERVER['HTTP_CLIENT_IP'] == "insert_your_clientip_here") {
echo "";
} else {
return;
}
or use a password
<?php
$password="mypasswordhere";
if (isset($_GET[$password]);) {
echo "";
} else {
return;
}
then go to admin.php?mypasswordhere (this isn't brute force proof so use a very strong password)
Upvotes: 0
Reputation: 7507
Assuming you want to disable just the listing of files, and not access to the files themselves, then you'll want to disable the INDEXES option in Apache for that folder. Something like this in the apache config would probably be best.
<Directory /www/somefolder>
Options -Indexes
AllowOverride None
</Directory>
Upvotes: 1
Reputation: 13485
If your website is in an admin folder in the root of your webserver you can drop a .htaccess file in the admin root containing:
IndexIgnore *
Upvotes: 0
Related Questions
- AWS EC2 Ubuntu File permissions issue
- Change php.ini - amazon EC2. Problems with permissions
- php file write permission denied on aws ec2
- aws php script uploaded file permission issue
- Ubuntu - The right permissions to use file_put_contents
- PHP Fileupload to AWS EC2
- AWS EC2 php files
- File permissions on EC2 Instance
- php folders and files permissions
- PHP file permissions