: In httpd.conf why would you want AddType for phps? We have an AddType as follows: AddType application/x-httpd-php-source .phps I was wondering what this was, and did some searching. It seems
We have an AddType as follows:
AddType application/x-httpd-php-source .phps
I was wondering what this was, and did some searching. It seems this is barely documented anywhere. Based on a hunch, I made a copy of index.php to index.phps. As expected, loading that file displays the PHP source instead of the rendered web page.
Nice feature, but it seems to me this could be a security issue. Why would someone what to use this feature. Is there discussion of this aspect anywhere?
More posts by @XinRu657
1 Comments
Sorted by latest first Latest Oldest Best
loading that file displays the php source instead
With syntax highlighting. The same as if you had called PHP's highlight_file() function on that file.
It's just a feature if you need to quickly document some code. Many sites display syntax highlighted code on their blogs etc. PHP has this built-in if you need it.
If you don't need it, remove it.
could be a security issue.
Don't give your files a ".phps" extension! :) To be honest, if your site is sufficiently hacked to be able to rename your files then you've probably got more serious things to worry about. Any PHP files that contain sensitive information should be stored outside of the document root.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.