can apache server be able to access php files saved outside docroot
what if the person just guest the directory link and bypass index.php files residing on public_html

eg https://example.com/i have seen it/steal.php
won't it execute.

I think we need to tell apache not to load directory /web outside root as follows

<Directory />
Order Deny,Allow
Deny from all
Options None
AllowOverride None
<Directory /web>
Order Allow,Deny
Allow from all

my problem is that this only work in httpd.config file.

Ok Within my shared hosting account, i don't have access to httpd.config file. I entered the above code inside .htaccess files but is not working. it seems that directory tag is not allow inside .htaccess files<directory> </directory>

1: How can i achieve this using either php.ini or .htaccess
2: Can directory tag works inside .htaccess files

4 Years
Discussion Span
Last Post by paulkd
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.