Hi, I am building a new gaming project, it uses a multi-steps encryption system that has some parts that work with security keys, it’s not that secure to let the file that encrypts all the games data in the htdocs folder, Infinity free, please we need other folder to keep the most important files of of hands of the hacker, and in the same time it’s accessible by the domain itself without a URL, we need a better security for our websites, the only thing that prevents me from getting my project done that people will be able to get access to my file, please add another folder that can’t be accessed by a URL.
I think you posted just after my last visit. That’s unfortunate timing, not a deliberate attempt to ignore you.
For security reasons, PHP scripts are not allowed to access any content outside of your own website. This is what prevents malware in a single site from crawling and infecting all the other sites on the same account as well.
We could, theoretically, provide an option to disable this containment. But that opens the risk to people who just disable all security measures because they are inconvenient, and then blame others when their website gets hacked and breaks all websites on their account.
If the goal is to make certain files not web accessible, you can do that with htaccess rules. Simply create a separate folder, say protected and add a .htaccess file with the rule Require all denied. This will make all files and folders in that directory inaccessible to the rest of the internet.
