NYCPHP Meetup

NYPHP.org

[nycphp-talk] Re: IIS 5 and .inc files

Emmanuel Décarie emm at scriptdigital.com
Tue Jan 13 13:40:01 EST 2004


Hello Keith, thanks for the reply.

If I understand you, your suggestion doesn't help to resolve my problem because
the access control is based on a repertory when I want this access control based
on the suffix of the file.

Your solution will not work if I have a repertory with this content:
http://localhost/testing/index.php
http://localhost/testing/index.inc

With Apache, it’s easy to tell the server not to serve files that ends with
".inc". I'm trying to figure out if this is possible with IIS 5.

Cheers
-Emmanuel


>Keith J Richardson Keith.Richardson at thompsonhealth.com 
>Tue Jan 13 13:23:06 EST 2004 

>1) Need PHP to include a file from a directory. in my example, it is
http://localhost/testing/index.php
>2) The include directory needs to have scripts able to read it, but must deny
browsing to those pages. - http://localhost/testing/include/lib.inc
>
>What I did:
>
>1) Go into IIS management, and select the directory that you want to change the
persmissions on, and in my example, it is /testing/include/
>2) Right click on the folder, and select properties.
>3) Uncheck read access. There should be nothing in the checkboxes.
>4) Test!
>
>You disabled read access from IIS to access those files, so when you type in
http://localhost/testing/include/lib.inc - it will give you a HTTP 403.2 -
Forbidden: Read Access Forbidden error. The reason why PHP can read the files,
is that the system has NTFS permissions to read the file. When php opens a file
to read, unless it opens it via a http:// command, it will read it locally,
which IIS has no control over.
--
Emmanuel Décarie / Programmation pour le Web - Programming for the Web
<http://scriptdigital.com/> - Blog: <http://blog.scriptdigital.com> - AIM: scriptdigital



More information about the talk mailing list