Mobile app version of vmapp.org
Login or Join
Shelley277

: How to protect my files on Heroku My sendemail.php file is located in the root of my website, is there a way to protect it? Also i want to protect or hide my js folder, so noone can see

@Shelley277

Posted in: #Apache #Heroku #Htaccess #Javascript #Php

My sendemail.php file is located in the root of my website, is there a way to protect it? Also i want to protect or hide my js folder, so noone can see my code with direct link or via the google inspect console. I have tried the following with htaccess, the files don't appear in the console but i can see them with direct link. Here is what i have in the htaccess:

#<Files ~ ".js$">
# order allow,deny
# deny from all
#</Files>


For example on a website i inspect with firebug and i can't see the files.

10.01% popularity Vote Up Vote Down


Login to follow query

More posts by @Shelley277

1 Comments

Sorted by latest first Latest Oldest Best

 

@Ann8826881

#<Files ~ ".js$">
# order allow,deny
# deny from all
#</Files>



Yes, you will get a 403 Forbidden with the above code when trying to access any .js file, regardless of the way you access it, either from a direct link or when linked in your HTML source (unless it is pulled from your browser cache).

And that's the problem, you can't really protect client-side JavaScript files. They need to be downloaded to the client/browser in order to run. Once they are downloaded, they can be viewed.

However, sendmail.php is a different matter. This runs entirely on the server. But it depends on how it is being called whether it can be "protected". For example, if it's being called directly from an HTML form's action attribute then it can't simply be "hidden", as it will be hidden from your HTML form as well. In this case you need to make sure the script is secure, validating all inputs, spam protection, etc.

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme