Anybidy know how do i hide the PHP script's extension?
example :
www.domain.com/flash.php?fmt=2
to
www.domain.com/flash?fmt=2
example :
www.domain.com/flash.php?fmt=2
to
www.domain.com/flash?fmt=2
hide extension
- Thread starter radofeya
- Start date
marshian
New Member
- Messages
- 526
- Reaction score
- 9
- Points
- 0
You want to know how it is possible those two pages go to the same location?
You could do it with .htaccess and server config etc I think, but this is an easyer way:
/flash/index.php is this:
All it does is redirecting the user to /flash.php and it adds the same arguments.
Another possibility is just including flash.php eg
I hope this was of any use.
Marshian
EDIT: if you're using post queries, you might lose your info with the redirect.
You could do it with .htaccess and server config etc I think, but this is an easyer way:
/flash/index.php is this:
PHP:
header("Redirect: www.domain.com/flash.php?".$_SERVER[QUERY_STRING]);
exit;All it does is redirecting the user to /flash.php and it adds the same arguments.
Another possibility is just including flash.php eg
PHP:
include "../flash.php";
exit;I hope this was of any use.
Marshian
EDIT: if you're using post queries, you might lose your info with the redirect.
Last edited:
- Messages
- 5,508
- Reaction score
- 35
- Points
- 48
1.Put "DefaultType application/x-httpd-phpv2" in your .htaccess without quotes.
2. upload the file as no extension (in windows, you need to have the setting "Show filetypes" set to on. And then save the file like flash.txt and rename it to just flash)
2. upload the file as no extension (in windows, you need to have the setting "Show filetypes" set to on. And then save the file like flash.txt and rename it to just flash)
You can write your .htaccess file
Asif
http://www.phpasks.com
Code:
<Files filename.php>
order allow,deny
deny from all
</Files>
or hide all files with ext:
IndexIgnore *.php *.jpg
or protect file:
<Files "filename.php">
AuthType Basic
AuthUserFile "/path/to/your/htpasswd/file/.htpasswd"
AuthName "webFileBrowser"
Require valid-user
</Files>Asif
http://www.phpasks.com
Use content negotiation offered by mod_negotiation, in particular the "MultiViews" option. Edit the relevant .htaccess file(s) and add:
If you already have an Options line, add "+MultiViews" or "MultiViews" to it as appropriate.
Code:
Options +MultiViewsI've heard that too, but I don't really agree with it. When I used to mess around with websites before I started developing them, what language was being used didn't have *that* much of an impact on how to do something.
Yes, there are some exploits specific to a language or 3rd-party app available in a certain language, but trying to hide which language you're using isn't the answer. That may slow them down, or even be enough to stop some, but any security hole will be exploited if someone is looking for them. Obfuscation alone is no security at all. Just because you surrounded your house in fog, doesn't mean you can leave the door unlocked
Understanding and knowing about possible holes, writing your code well, and testing your code thoroughly is all you need to do to be sure of your code's integrity.
Yes, there are some exploits specific to a language or 3rd-party app available in a certain language, but trying to hide which language you're using isn't the answer. That may slow them down, or even be enough to stop some, but any security hole will be exploited if someone is looking for them. Obfuscation alone is no security at all. Just because you surrounded your house in fog, doesn't mean you can leave the door unlocked
Understanding and knowing about possible holes, writing your code well, and testing your code thoroughly is all you need to do to be sure of your code's integrity.