• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
add htaccess folder application

#1
Exclamation 
Why CI need defined('BASEPATH') OR exit('No direct script access allowed'); in all files application?
is required add index.html to all folders?

is secure use htaccess for deny application?
<IfModule authz_core_module>
Require all denied
</IfModule>
<IfModule !authz_core_module>
Deny from all
</IfModule>
Reply

#2
(04-30-2016, 02:42 PM)jonathanq Wrote: Why CI need defined('BASEPATH') OR exit('No direct script access allowed'); in all files application?
is required add index.html to all folders?

is secure use htaccess for deny application?
<IfModule authz_core_module>
Require all denied
</IfModule>
<IfModule !authz_core_module>
Deny from all
</IfModule>

I believe the check was intended to help secure PHP files from being executed directly when server was not Apache, or when certain Apache configuration was not available.
Reply

#3
(04-30-2016, 02:42 PM)jonathanq Wrote: Why CI need defined('BASEPATH') OR exit('No direct script access allowed'); in all files application?
is required add index.html to all folders?

is secure use htaccess for deny application?
<IfModule authz_core_module>
Require all denied
</IfModule>
<IfModule !authz_core_module>
Deny from all
</IfModule>

Hi According to my knowledge every framework has some rules to activate core files.  Once we generate request it goes to index.php that activates framework and its classes whatever we need to initiate or not then after looking on Base URL framework activates a specific controller, It makes sure that user merely is not trying to run single php file on server and also the framework was properly loaded. As running php file assumes that all classes that were needed by framework were already declared so runing a controller on its own may welcome a security threat. So we don't allow direct access. I hope this will clear you question. Thank you
Reply

#4
Its to stop them from viewing the php files if someone happens to hack your website.

If the BASEPATH is not set then they still cannot view the files, which means index.php was not loaded.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.