Security of my application's user data with php

develop an application which has users and data saved in a database to access the database from the application use php. the issue is that if in a web page you put the place of the page you can access the list of php files How do I avoid it without blocking access from the application

There is a lot you can do...

https://www.php.net/manual/en/security.hiding.php

These best thing to do is to configure your php server (e.g. Apache) correctly

A simple example of an .htaccess file:

# Start the rewrite engine
RewriteEngine On
RewriteBase /

# Disable Indexing
Options -Indexes

# Remove PHP extension
RewriteCond %{REQUEST_FILENAME}\.php -f
RewriteRule ^(.+?)/?$ $1.php

# Deny Access to a Database File
<FilesMatch "database\.txt">
    Order allow,deny
    Deny from all
</FilesMatch>
1 Like