UK WEB HOSTING FORUM FOR DISCUSSION ON WEB HOSTING SERVICE AND SUPPORT
LINUX HOSTING WINDOWS HOSTING PACKAGES SHOPPING CART OSCOMMERCE ZEN CART AGORA
ECOMMERCE HOSTING ASP MSSQL FRONTPAGE HOSTING PHP MYSQL HOSTING DISCUSSION FORUM
CPANEL RESELLER HOSTING DEDICATED SERVER VPS HOSTING PLESK VIRTUOZZO
Quick Search
Your forum announcement here!

  UK Web Hosting | Dedicated Server Windows and Linux VPS Forum > Web Hosting and Domains > PHP Hosting
PHP warning

View Poll Results: Do you use .inc files?
Yes 4 44.44%
No 4 44.44%
Huh? 1 11.11%
Voters: 9. You may not vote on this poll

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 30-11-2005, 00:53
Member
  
Join Date: Nov 2005
Posts: 39
Default PHP warning
Hello,

Just a friendly warning.
While I was learning PHP I read alot of stuff.
Most of this seemed to have standard examples of how to do different tasks.

For database connection they said it was good to use the include option so that if you change your database details or password then you can just change one file and the rest are updated.

Anyway the examples had db.inc as the file name generally in a folder called include.

If other people like myself who have read this go around trying this folder/filename combination on your website then they could get that file to load.

Now to the problem. if this file extension is not setup as a file type to be parsed by a program the details will load as a simple text file.

Exposing your password and other details.

I noticed this while working for a client that had already done this on there website.

So best to rename then files db.inc.php so no text is shown.

I searched in google and found a few on these and warned the owners, much to there suprise
Reply With Quote
  #2 (permalink)  
Old 30-11-2005, 08:30
Junior Member
  
Join Date: Nov 2005
Posts: 27
Default
Yeah I used to use .inc files, but then my server got hacked cus I stored my db connex usernames etc in there. Quite stupid of me when looking back, but these lessons are learnt I suppose.
Reply With Quote
  #3 (permalink)  
Old 30-11-2005, 08:31
Junior Member
  
Join Date: Nov 2005
Posts: 27
Default
Oh and also you might want to check out this website:

http://www.phpadvisory.com/

Its a good website if you want to read up on some tips / suggestions for securing your website a little bit more.

Cheers
Nick
Reply With Quote
  #4 (permalink)  
Old 30-11-2005, 09:10
Member
  
Join Date: Nov 2005
Posts: 41
Default
If I need to, I just use

<?php
# Filename include.baseconfig.php
errorreporting(0);

//Insert PHP

errorreporting(10);
?>

Somethign along them lines should work if you're lazy
Reply With Quote
  #5 (permalink)  
Old 30-11-2005, 12:17
eUKhost.com's Avatar
Chief Marketing Officer
  
Join Date: Sep 2005
Posts: 4,294
Send a message via AIM to eUKhost.com Send a message via MSN to eUKhost.com
Default
dodgerz,

All our customers have put their mysql access details in some or the other config file which is not difficult to view. cPanel has taken care of security of your database as it does not allow anyone to connect to the database remotely untill and unless specified in the mysql section of cpanel.

Make sure that you never add % in acces host section of control panel as that must have allowed the hacker to spoin your database.

Regards,
Mark,
http://eukhost.com
Reply With Quote
Reply

« Linux,Apache,MySQL,PHP Hosting | PHPguarddog Hosting »


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT. The time now is 11:21.

 

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
LinkBacks Enabled by Web Hosting 3.1.0
Copyright © 2001-2008, eUKhost.com. All rights reserved.

Dedicated Server Hosting | VPS Hosting | Web Hosting UK | cPanel Hosting | Contact Us | UK Web Hosting | Archive
 
Site Map

VPS Hosting
VPS Hosting plans

Dedicated Server Hosting
Dedicated Server plans

Business Web Hosting
100% uptime Hosting

Cpanel Hosting
cPanel Shared Hosting

Reseller Hosting
Reseller Web Hosting

Windows Hosting
Windows Shared Hosting

Windows VPS
Windows VPS Hosting

Semi Dedicated Servers
Semi-Dedicated Hosting

Dedicated Server Mirroring
Dedicated Server Mirroring

Webhosting Knowledgebase
Frequently asked Questions

Web Hosting Blog
eUKhost Blog

Web Hosting Support
Support Helpdesk

UK Data Center
eUKhost Datacenter

Web Hosting Forum
eUKhost Forum

Support Tutorials
Online Flash Tutorials

Offsite Back-up Plans
Remote Backup Service

Customer Testimonials
eUK Customer Testimonials
knowledgebase articles

eUKhost.com Services

Pre-Sales Questions
Pre-sales FAQ's

Domain Names
Domain registration FAQ's

cPanel Hosting
cPanel Hosting FAQ's

Windows Web Hosting
Plesk Control Panel

Reseller Hosting
Reseller Hosting FAQ's

VPS Hosting
Virtual Private Server

Semi-Dedicated Servers
Semi-Dedicated FAQ's

Dedicated Servers
Dedicated Server Hosting
popular blog categories


Web Hosting
Website Hosting articles

UK Web Hosting
UK Hosting articles

Dedicated Server Hosting
Dedicated Server guidelines

VPS Hosting
VPS hosting articles

cPanel Hosting
cPanel Hosting articles

Linux Operating System
Linux Operating techniques

Windows Web Hosting
Windows plesk articles