Let's say you put the bulk of site above public root folder, and the only thing that's being served client-side is css files, javascript files and images and only one index file that allows the site to show up and tells browser to look for the rest of the sites pages above the public_html folder.
so far so good?
well, one would think that's a pretty secure site, right?
the only thing that confuses me is, how to hackers hack sites? i think that hosting logins or ftp logins get compromised. and if that happens they can get to the files above public_html, so the question then becomes, what's the purpose of hiding the bulk of files above public_html? if the hackers wanted them they could get to them sooner or later.
typo: ...how *do hackers...
yes i can serve pages above public root folder. check out Codeigniter. the framework files are in 2 folders and someone can decide to use those 2 folders inside public_html or above it. it's a model-view-controller (MVC) system.
how does robots.txt keep people out of directories? i thought it was for blocking search engines from spidering certain folders. no?
so far so good?
well, one would think that's a pretty secure site, right?
the only thing that confuses me is, how to hackers hack sites? i think that hosting logins or ftp logins get compromised. and if that happens they can get to the files above public_html, so the question then becomes, what's the purpose of hiding the bulk of files above public_html? if the hackers wanted them they could get to them sooner or later.
typo: ...how *do hackers...
yes i can serve pages above public root folder. check out Codeigniter. the framework files are in 2 folders and someone can decide to use those 2 folders inside public_html or above it. it's a model-view-controller (MVC) system.
how does robots.txt keep people out of directories? i thought it was for blocking search engines from spidering certain folders. no?