Viewed   53 times

I am using apache server. Is there a way to prevent users from accessing my include files directly ? But only allow the server the access to those ?



Another way is to have the include files outside of the directory the site is served from. For example:


So the Web site is served from http/, but includes are outside of that directory, meaning no one can access them directly from a Web browser, but your scripts can include them like this:

require_once '../includes/somefile.php';
Friday, August 12, 2022

As others have noted, most likely you don't have .html set up to handle php code.

Having said that, if all you're doing is using index.html to include index.php, your question should probably be 'how do I use index.php as index document?

In which case, for Apache (httpd.conf), search for DirectoryIndex and replace the line with this (will only work if you have dir_module enabled, but that's default on most installs):

DirectoryIndex index.php

If you use other directory indexes, list them in order of preference i.e.

DirectoryIndex index.php index.phtml index.html index.htm
Wednesday, December 14, 2022

There is no 100% secure way of avoiding people to vote more than once an hour, but here are few methods to make it harder for the users to circumvent it:

  • Place cookies on the users computer
  • Log their IP
  • Store content into their localStorage (only for users with HTML5 browsers)
  • If you really want to start digging deeper, you can start putting restrictions based on the users session length, how many pages they navigated prior to voting, i.e. starting to profile the users that try to circumvent the system, and start putting restrictions on those profiled users.
Monday, August 1, 2022
<?php date("H"); ?>

returns the current hour in a 24 hour format with leading zeroes.

That means, you can write something like this:


if (date("H") == 14)){
   die("You cannot get here right now");


This will "die" echoing the page, and will return the error instead, exactly during the 14th hour of the day (2:00 pm).

Give us more code/details to get a deeper answer.

EDIT: This is an expanded answer to the new question, asking,

Study hall at my school is 2:30 to 3:15, so how would I do that?

SOLUTION: Assuming study hall is the time when the students are allowed to use the (section of) the site, you would do something like this:


$bottomValue = 60*14+30;
$upperValue = 60*15+15;
$currentValue = date("G")*60+date("i");

if (($currentValue >= $bottomValue) && ($currentValue <= $upperValue)){
   // everything is OK = put some code here, or ignore this
   // well, this is the time they are not allowed to see this, so, let's try:
   die("Sorry, you are not allowed to be here right now.");  


To explain how this works: your time base is counted into minutes as $bottomValue and $upperValue. Notice how they are defined, it's 60 minutes multiplied by hour (14) plus minutes (30).

So, 14:30 is 60*14+30, therefore, 16:20 would be 60*16+20.

Then the base is compared to the current time and an appropriate code is executed according to the if/else statements.

Monday, October 17, 2022

I believe it's possible to set a php.ini per virtual host

<VirtualHost *:80>

    PHPINIDir /full/path/to/php/ini/


this way you can customize open_basedir and others

Tuesday, August 16, 2022
Only authorized users can answer the search term. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :