Security Practice :: Minimizing Exposure
Security Practice :: Minimizing Exposure
Keep webroot clean
Any file that shouldnt be called via URL
Include files
config.inc
lib_db.inc
Backup files
index.php~
index.php.bak
Apache may be able to help. (.htaccess)
<Files ~ "(\.inc|\~|config.php)
$
">
Order allow,deny
Deny from all
</Files>
<Directory ~ ".*/CVS/">
Order allow,deny
Deny from all
</Directory>