Let's say I would like to protect my PHP files that are on the public server and are used as a part of the website. Does anyone can easily access these files just like HTML/JS/CSS files through developers tool in the browsers or extensions such as FireBug?
I am guessing that it is not possible through these tools, but what about if someone's trolling the URL and just randomly tries to guess the name of the php files, which would be easy for something like results.php or similar. Is the file displayed just like that if they guess it? (read/write rights are required for the user to actually make the php work, or is it fine to take user's r/w access to the php files and the website will behave the same accessing the php when user sorts of request it using the website?)
What if someone's gonna write a script to troll the URL?
Aucun commentaire:
Enregistrer un commentaire