Nginx [SOLVED]: Best way to keep files on web server secure

Nginx [SOLVED]: Best way to keep files on web server secure

Home Forums Nginx Nginx [SOLVED]: Best way to keep files on web server secure

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #36699

    Anonymous

    QuestionQuestion

    Context: I have some files on linux web server for example create_db.txt. They are using in my php scripts but now everyone can watch them by the direct link

    http://url/create_db.txt
    

    What is the right way to deny access to this files and still have opportunity to wright and read informations in them from php scripts. Thanks.

    #36700

    Anonymous

    Accepted AnswerAnswer

    If you are using Apache you could restrict access to specific files by adding an .htaccess file in the web root:

    <Files create_db.txt>
    Order allow, deny
    Deny from all
    </ Files>
    

    The Files section above would restrict access for all users to the create_db.txt file.

    Running nginx the same could be achieved by adding the following to your configuration:

    location ^~ /create_db.txt {
      deny all;
    }
    

    Like stated in the other answer you really should consider moving the file to a directory outside of your webroot. Of course the webserver must be able to access this folder. This can be done by setting the correct permission on the folder and perhaps by changing the owner to that of the webserver. Something like this:

    mkdir -m 755 -p /path/outside/webroot
    mv create_db.txt /path/outside/webroot
    chown -R <user>:<group> /path/outside/webroot
    

    Source: https://stackoverflow.com/questions/47960831/best-way-to-keep-files-on-web-server-secure
    Author: Cyclonecode
    Creative Commons License
    This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.