My host gives me two folders for my use, a /home/public/ which is where the pages go, and /home/private/, which is for my personal use. I would like for PHP to create a file that's readable by me from the machine but not by anyone else over the internet. Making the file in the public folder causes this problem. I thought about making the file owned by the apache group, but I'm not a member of it. It would be nice if I could put the file in my private directory, but understandably, I get access error when trying to write to a file in it. What do I do?
Asked
Active
Viewed 258 times
1
Jeams
- 35
- 2
1 Answers
1
Many packages require program / script accessible subdirectories within the html or public hierarchy.
Since you are (I assume) running on a shared service using suPHP or equiv this will only run scripts in the owners UID so this isn't available. I've a adopted a very simply convention: if any file or folder name starts with _ or . then access via a URI is forbidden. This is by a simple rule that I place in any .htaccess file with
SetEnvIf Request_URI "(^_|/_|^\.|/\.)" forbidden
<Files *>
Order allow,deny
Allow from all
Deny from env=forbidden
</Files>
Another way to do this is with a RewriteRule:
RewriteRule (^_|/_|^\.|/\.) - [forbidden]
This has the advantage that you can adopt this extremely simple convention for any include or data directories that you may wish access within your scripts but do not want them browseable via URI.
Footnote
I am a little confused about your statement:
It would be nice if I could put the file in my private directory, but understandably, I get access error when trying to write to a file in it.
Is this one of these funnies where the service provider's UID owns /home/private/ and you only have read access through your GID? My ISP does the same to dump thing like logfiles. I can read but not write or delete. That's why I use /public/_private. Sorry for the oxymoron.
-
1@footnote: I have – Jeams Jan 15 '12 at 23:40