Protecting text password files

Discussion in 'PHP' started by uniqueasitis, May 17, 2008.

  1. #1
    I am programming a cms which uses text files to store passwords. I would like to know how I can prevent attackers from downloading these files and from viewing them in the browser. Please note that I am not placing these files outside of the htdocs folder.

    Secondly, I have noticed that I can download my php source code files by simply clicking save as. How do I prevent this?

    Thank you for the help in advance.
     
    uniqueasitis, May 17, 2008 IP
  2. rohan_shenoy
    #2
    Does your host have PHP installed? Are you saving your PHP files with the .php extension? If yes, then visitors should not be able to download the script, but if they can, you should immediately contact your host because this means that some extension handler on the server is either not set or is malfunctioning.
     
    rohan_shenoy, May 17, 2008 IP
  3. vishnups
    #3
    Rather than storing files as text files, you can save them as filename.inc.php and, to make it more secure, place it below the web root. You can include the file where it is needed as:
    <?php
    // 'filepath/filename.inc.php' is a placeholder path; point it at the file below the web root
    include_once 'filepath/filename.inc.php';
    ?>
     
    vishnups, May 17, 2008 IP
  4. lanmonkey
    #4
    Save them in a folder below your public_html folder, so they aren't accessible from the internet.

    If you're on a shared server, chances are it could get hacked through an insecure script in another site on the same server and the hackers could browse your home folder. This happens quite a lot and the only way to protect against it is to ionCube encode your files.
     
    lanmonkey, May 17, 2008 IP
  5. ioncube
    #5
    In addition to what is suggested here, I'd suggest that you do allow the files to be stored outside of the web area, and also consider encrypting the files. There are encryption functions in PHP, and if you ever wanted to encode your CMS, some encoding solutions such as ionCube also have encryption features for non-PHP files built into their system that may offer advantages over encrypting with the open-source functions in PHP; this is because the parameters to any built-in functions can be intercepted by running code on a modified version of PHP, whereas this is less easy if calling functions in a closed-source component.

    Another technique for preventing access to specific files is to use .htaccess files, but this increases the complexity of the solution and increases the chance of a misconfigured system where the protection is not in place or working.

    Once the workings of any system get known to hackers, weaknesses get identified, and even if encrypted, a publicly accessible password file is inviting attack. A further idea is to have a configuration file that specifies the name (or path) of the password file, and where you might initialise the file to a random name during installation. In this way there is then no known name for the password file, and the probability that the password filename would be guessed by chance is greatly reduced.
     
    ioncube, May 19, 2008 IP
  6. jayshah
    #6
    An easy option would be to store them in text files (ending with a .php extension), and put this at the top of the file:

    <?php exit(); ?>

    Then you can read the file using the file function (;)) and unset the first line (the exit line) and read as normal!

    Also, you can use one-way hashes (MD5, SHA1) to encrypt the passwords, so even if the file is read, it's useless!

    Hope that made sense!

    Jay
     
    jayshah, May 19, 2008 IP
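Jay's scheme above, worked through as an added example that is not from this thread or any poster: a .php-suffixed store whose first line is `<?php exit(); ?>`, read back with `file()` with the guard line dropped, plus one-way hashing of the stored passwords. The store path and the tab-separated record layout are my assumptions, and the hashing uses PHP's `password_hash()`/`password_verify()` in place of the MD5/SHA1 Jay mentions, since those are PHP's current recommended password hash functions; the guard only helps on a server that actually executes .php files, which is rohan_shenoy's point earlier in the thread.

```php
<?php
// Added example (not the thread's code). A direct browser request for the store
// runs exit() on line 1 and returns an empty page; the application itself reads
// the file with file() and discards that guard line before parsing records.
// Relies on the server handling the .php extension with PHP (see post #2).

const GUARD = "<?php exit(); ?>";

// Append one "user<TAB>hash" record; $store is an assumed path to the .php store.
function savePassword(string $store, string $user, string $password): void
{
    if (!file_exists($store)) {
        file_put_contents($store, GUARD . "\n", LOCK_EX);   // guard goes first
    }
    $hash = password_hash($password, PASSWORD_DEFAULT);   // one-way, salted hash
    file_put_contents($store, $user . "\t" . $hash . "\n", FILE_APPEND | LOCK_EX);
}

// Read the store back as an array of user => hash, skipping the exit() line.
function loadPasswords(string $store): array
{
    $lines = file($store, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
    if ($lines === false || ($lines[0] ?? '') !== GUARD) {
        // Refuse to use a store whose guard was lost: it would be served as plain text.
        throw new RuntimeException("password store is missing its exit() guard line");
    }
    unset($lines[0]);   // drop the guard line, as the post suggests
    $records = [];
    foreach ($lines as $line) {
        [$user, $hash] = explode("\t", $line, 2);
        $records[$user] = $hash;
    }
    return $records;
}

// Verify a login attempt against the stored hash without ever storing the password.
function checkPassword(string $store, string $user, string $password): bool
{
    $records = loadPasswords($store);
    return isset($records[$user]) && password_verify($password, $records[$user]);
}

// Constructed demonstration using a temporary store file.
$store = tempnam(sys_get_temp_dir(), 'pw') . '.php';
savePassword($store, 'alice', 'correct horse');
var_dump(checkPassword($store, 'alice', 'correct horse'));
var_dump(checkPassword($store, 'alice', 'wrong password'));
unlink($store);
```

Storing the file below the web root, as the earlier posts recommend, still removes the whole problem; the guard line is a fallback for the case in the original question where the file must stay under htdocs.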