Blog of Akbar Khrisna, Amsterdam and Malang based programmer and (interaction) designer.

Securing your templates folder.

Kafeinfo Bookmarking Sosial application is heavily based on the model-view-controller design pattern. To implement the MVC design, I use PHP Smarty templating engine for the presentation layer. One of the drawback is you can just view the templates by typing the templates address on your browser, ex. www.yourdomain.com/templates/index.tpl.

By looking and examine the template content, one can view what variables that are passed along to the template, the loop structure and that just doesn’t seems nice is it? That’s why to prevent a direct access to the template, I used a .htaccess file. Just create a file called .htaccess on your texteditor and type this:
<Files ~ “\.(tpl|inc|cfg)$”>

order deny,allow deny from all

</files>

And just upload this file in your templates folder.

Posted on Thursday, February 14th, 2008 at 2:31 pm and is filed under Internet, English, Programming . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “Securing your templates folder.”

aRdho
April 24th, 2008 at 9:28 pm

wait wait. gw kira konsep MVC cuman ada di Java.. hahaha.. ternyata itu general toch

Securing your templates folder.

One Response to “Securing your templates folder.”

Leave a Reply