On my webserver, i have database.php, and other important files that you may not want users to access, what steps or permissions do i give certain files that will not let users find them but also not break the website?
Hi godly, you can use htaccess to ensure that file can not be opened in the browser for example
<Files "Database.php"> Order Allow,Deny Deny from all </Files>
A better way will be to only expose a public directory with and index file in it to the web this is the approach I’m using for the Ecommerce course on here.
Hope this helps.
How do i do this for multiple files? Is database the only one that should be hidden from your user login course?
I will be quite tidous for you to do that except you use mode rewrite to hide file extensions so people don't know the name of any file in your system. If this is really a concern I will recommend following the pattern used in the ongoing ecormerce course or wait a while for me to create version 2 of the login course, which I plan to do very soon.
Checking now you may only need to protect the config folder where all the configuration are store.
Did that and everything seems fine Thanks!
So I went ahead and tried to look for some code and created a WordPress login system, I am not keeping it nor am I amused by it, but I was told to checkout WordPress, now I seemed to run into an issue where someone I believe is trying to attack my site? They signed up on my website from the same email host but with several different accounts, with no pourpus as there is no data on the site anyway, does the php login system you created avoid this?
Here is photo
There email host all the same host.