Sometimes, you write scripts that are invoked on command line, which can be included in crontab jobs. But you don’t want these visible in web browsers. You could move these scripts outside the web public folder, but it is not always possible if you are using share-hosting services. It is also useful to include scripts in the web public folder, which is easy to manage. So you can use the following two methods to prevent scripts running in the browser.
Apache2 .htaccess control
Create a folder that stores all these scripts. Create a .htaccess file that has the only 1 line.
deny from all
And apache2 server will deny all requests to the scripts in the folder.
Check REMOTE_ADDR
The Server variable REMOTE_ADDR is set in the browser but not on the command line, therefore, at the begining of your PHP Scripts (other scripting languages are similar), you could judge base on this:
1 2 3 4 | <?php if (isset($_SERVER['REMOTE_ADDR'])) { die('Permission denied.'); } |
<?php if (isset($_SERVER['REMOTE_ADDR'])) { die('Permission denied.'); }
Make sure you try visiting the script in the browser and under the command line to verify the results.
–EOF (The Ultimate Computing & Technology Blog) —
loading...
Last Post: Do Thread A and B Require Mutex to Operate on High/Low of a DWORD?
Next Post: How to List Installed Hot Fixes using VBScript on Windows Platforms?