You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Rich Pinder <rp...@usc.edu> on 2004/09/20 22:07:56 UTC
[users@httpd] Hiding contents of .py script files
I'm using Apache 1.3 with Python (Kinterbas) to access a Firebird database.
The .py script resides in a directory under the document root. If you
enter the full url to the script file, the browser returns a textual
representation of the script (complete with all my connection string
info & password into the database !)
What is a suggested way to disallow this ?? Can I add something to the
.conf file that renders all .py scripts 'non browserable' ?? I believe
there was (good?) reason that the script files are under the document root.
thanks for your help
rich
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org