[PHPTAL] Cache / Compilation behavior
Kornel Lesinski
kornel at aardvarkmedia.co.uk
Thu May 8 13:06:23 CEST 2008
On Thu, 08 May 2008 10:43:27 +0100, Iván -DrSlump- Montes
<drslump at pollinimini.net> wrote:
> What about using an .htaccess to deny access on the output directory?
>
> In the ideal case scenario it should be outside the document root of
> the web server (not accessible from the internet).
Of course they should be outside of web server root (although they're
rather harmless, because the template code is in a function. The compiled
template files when executed from outside will not execute template code
and will not reveal any data).
I assume the extra protection is needed to protect from other users that
have access to the file system or just to harden website against attacks.
--
regards, Kornel
More information about the PHPTAL
mailing list