can apache server be able to access php files saved outside docroot
what if the person just guest the directory link and bypass index.php files residing on public_html
eg https://example.com/i have seen it/steal.php
won't it execute.
I think we need to tell apache not to load directory /web outside root as follows
<Directory /> Order Deny,Allow Deny from all Options None AllowOverride None </Directory> <Directory /web> Order Allow,Deny Allow from all </Directory>
my problem is that this only work in httpd.config file.
Ok Within my shared hosting account, i don't have access to httpd.config file. I entered the above code inside .htaccess files but is not working. it seems that directory tag is not allow inside .htaccess files<directory> </directory>
1: How can i achieve this using either php.ini or .htaccess
2: Can directory tag works inside .htaccess files