Chapter 10: Security Issues


Keeping it private

Your site/server may allow anonymous ftp. That means that anyone with an ftp client can see, download and modify your scripts. This is a dangerous situation! You should make sure that accessing your site via ftp requires a valid username and password. That is the first step in keeping your vital scripts safe from hackers and others who don't have your best interests at heart. Protecting ftp access is only one of a number of security measures you should take.

Some scripts create log files that may contain information you don't want just anybody to see. These files should never be created and stored in a folder that is visible to web browsers. Look at how a script is configured. Pay close attention to where its log files, if any, are going to be kept. If they aren't in a secure location, you should change their path so they are more secure.

There are several places that are much more secure than your main web folder. Most often the main folder (where your web pages are stored) is called /www or /public_html or /htdocs. Generally, folders created under this one are not secure either. One good exception is /cgi-bin. Often it's inside your main folder. Sometimes it's at the same folder level. Check your file system to be certain that you know where it is.

When you first connect to your site with an FTP program, you'll usually see the /www or /public_html folders listed. This means you're one level above them, in the "root" level of your hosting account. That is a great place for log files in most cases. Try putting them there and be sure you can write to them. Sounds good but how do you do that?

It's pretty easy. The "path" to a file on a web server follows the Unix/Linux filesystem conventions in most cases. Your home page is probably located on a path like this: /home/user/public_html/index.html. From this point in the file system you can go up a level by putting "../" in front of a filename. Confused? Let's look at an example.

Suppose you have a file called orders.php that has an order form, some code to process the form inputs and some other code that writes to a log file. We'll call the log file "sales.log". When your code wants to write to sales.log, it has to open it. If sales.log is in the same folder (public_html) as orders.php (unsafe!), you open it like this:

# "a" appends to the log; "w+" would erase the earlier entries on every order
$filename = "sales.log";
$logfile = @fopen($filename, "a") or die("Couldn't open the file");

To make the sales.log file much safer from prying eyes, move it out of /public_html and into the same folder that /public_html is in. That's one level higher than before. Now you'll open it this way:

# "../" goes up one level from public_html, so the log sits beside the web folder
$filename = "../sales.log";
$logfile = @fopen($filename, "a") or die("Couldn't open the file");

Or, you could move it to the /cgi-bin folder. Then you'd open it this way:

# If /cgi-bin is inside public_html (the usual case):
$filename = "cgi-bin/sales.log";
# If /cgi-bin sits beside public_html, one level up:
$filename = "../cgi-bin/sales.log";
# Note: a leading slash ("/cgi-bin/sales.log") would mean the root of the
# whole filesystem, not the root of your web site
$logfile = @fopen($filename, "a") or die("Couldn't open the file");
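The "../" approach depends on the current working directory being public_html when the script runs, which is not always true under a web server. The following is an added example, not code from the chapter: it builds the log path from the script's own location, refuses to write if the resulting folder turns out to be inside the web-visible document root, and appends one line under a lock. The folder layout (/home/user/public_html/orders.php with the log at /home/user/sales.log) and the sample order line are assumptions for illustration.

```php
<?php
# Build the log path from the script's own folder rather than from the
# current working directory, so it stays the same however the script is run.
# Assumed layout: /home/user/public_html/orders.php, log at /home/user/sales.log
$webRoot = __DIR__;                           # e.g. /home/user/public_html
$logFile = dirname($webRoot) . '/sales.log';  # e.g. /home/user/sales.log

# True if the folder holding $path is the document root or lies under it.
# realpath() resolves any "../" so the comparison is made on the final path.
function is_web_visible($path, $documentRoot)
{
    $dir = realpath(dirname($path));
    $doc = realpath($documentRoot);
    if ($dir === false || $doc === false) {
        return true;   # unknown location: treat as unsafe
    }
    return strpos(rtrim($dir, '/') . '/', rtrim($doc, '/') . '/') === 0;
}

# Append one timestamped line to the log; returns true on success.
function write_sale_line($logFile, $line)
{
    # "a" appends; "w+" would truncate the log on every order
    $fh = fopen($logFile, 'a');
    if ($fh === false) {
        return false;
    }
    # Hold an exclusive lock so two simultaneous orders do not interleave
    flock($fh, LOCK_EX);
    $ok = fwrite($fh, date('c') . ' ' . $line . PHP_EOL) !== false;
    flock($fh, LOCK_UN);
    fclose($fh);
    return $ok;
}

# DOCUMENT_ROOT is what the web server will actually serve; fall back to
# the script folder when running from the command line
$documentRoot = isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : $webRoot;

if (is_web_visible($logFile, $documentRoot)) {
    die('Refusing to write the sales log inside the web folder');
}
# Constructed sample order line
if (!write_sale_line($logFile, 'order=1234 total=19.95')) {
    die("Couldn't open the file");
}
?>
```

The check in is_web_visible() is the part worth keeping even if you change the layout: it fails closed when the path cannot be resolved, and it compares whole folder names (with a trailing slash), so /home/user/public_html_old is not mistaken for something under /home/user/public_html.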

Restricting access to your PHP scripts

One thing to consider is how to prevent your scripts from being called from any sites that are not under your control. You can do that by checking the environment variables to determine where the request (to run the script) originated. Then you can force the script to quit without doing anything if it was called from some other server.

Here's an easy way to implement this security precaution:

<?php
# List the acceptable referring hosts (placeholder values)
$referrers = array('www.example.com', '123.456.789.012');

# Check the referring URL before doing any work
check_url($referrers);

# Verify the referring URL against the list of acceptable hosts
function check_url($referrers)
{
  # The check_referrer flag determines whether the caller is valid
  $check_referrer = 0;

  # The browser sends the referring page in the Referer header; PHP
  # exposes it as $_SERVER['HTTP_REFERER'] (one R, as in the HTTP spec)
  $http_referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

  # If a referring URL was sent, accept the request only when it
  # contains one of the acceptable hosts (case-insensitive)
  if ($http_referer != '')
  {
    foreach ($referrers as $referrer)
    {
      if (stripos($http_referer, $referrer) !== false)
      {
        $check_referrer = 1;
        break;
      }
    }
  }
  else
  {
    # No Referer header at all is accepted; browsers and proxies may omit it
    $check_referrer = 1;
  }

  # If the referring URL was invalid, call the error-handling routine
  if ($check_referrer != 1) { error(); }
}

# error() decides what happens on a bad referrer: here it refuses the
# request; it could instead show a message or send the user back
function error()
{
  header('HTTP/1.1 403 Forbidden');
  exit('Request refused');
}
?>

This is not a perfect solution. Some people are capable of making it appear that the request did come from your site when in fact it did not, because the Referer header is supplied by the client and can be set to any value. This technique is known as "spoofing" the referrer.

The function error() contains instructions for what to do in case of an error; it might display an error message, return to the previous page or whatever else you want it to do.
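Looking for the acceptable name anywhere inside the referring URL, as the check above does, also accepts URLs that merely contain it, such as a longer host name or a query string. The following is an added example, not code from the chapter: it parses the Referer, compares the host part exactly against an allow-list, and runs the check over a set of constructed sample values to show which ones are refused. The host names and sample URLs are placeholders chosen for illustration.

```php
<?php
# Compare the host of the Referer header exactly against an allow-list,
# instead of searching for the allowed name anywhere in the URL.
function referrer_allowed($referer, array $allowedHosts)
{
    # Same policy as the chapter's check: a missing Referer is accepted
    if ($referer === null || $referer === '') {
        return true;
    }
    $parts = parse_url($referer);
    # Malformed URL or no host part: not a valid referring page
    if ($parts === false || empty($parts['host'])) {
        return false;
    }
    # Only web pages can have linked here
    $scheme = isset($parts['scheme']) ? strtolower($parts['scheme']) : '';
    if (!in_array($scheme, array('http', 'https'), true)) {
        return false;
    }
    $host = strtolower($parts['host']);
    foreach ($allowedHosts as $allowed) {
        if ($host === strtolower($allowed)) {
            return true;
        }
    }
    return false;
}

# Constructed sample Referer values and the result the check should give
$samples = array(
    'http://www.example.com/order-form.html'  => true,
    'https://WWW.EXAMPLE.COM/cart'            => true,   # host compare ignores case
    ''                                        => true,   # header absent
    'http://www.example.com.evil.test/page'   => false,  # longer host name
    'http://evil.test/?from=www.example.com'  => false,  # name only in the query
    'http://user:www.example.com@evil.test/'  => false,  # name only in userinfo
    'not a url'                               => false,  # no host at all
);

foreach ($samples as $referer => $expected) {
    $got = referrer_allowed($referer, array('www.example.com'));
    printf("%-45s %s\n", var_export($referer, true), $got === $expected ? 'ok' : 'MISMATCH');
}
?>
```

Every line should print "ok": the last four samples all contain the string www.example.com and would pass a substring test, but none of them has www.example.com as its host. To drop the chapter's policy of accepting a missing Referer, change the first return to false; that also turns away the browsers and proxies that strip the header, so decide which matters more for your site.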


Copyright © 2004 Steve Humphrey