[mod_python] Hiding textual contents of .py script (but keeping it executable)

Rich Pinder rpinder at usc.edu
Tue Sep 21 17:07:18 EDT 2004


I'm using Apache 1.3 with Python (Kinterbas) to access a Firebird database.

The .py script resides in a directory under the document root.  If you 
enter the full url to the script file, the browser returns a textual 
representation of the script  (complete with all my connection string 
info & password into the database !)

On the Apache list I was given a suggested solution  (below)... and it 
indeed blocks the text from being displayed... but it also makes the 
script un'executable !

What am I missing here ?? 

I put the script files under the document root per examples I got (with 
either mod python, or kintebas..dont recall).  I assume this is 
logical/correct ??

thanks for your help

rich

>
> <Files ~ "*.py">
>     Order allow,deny
>     Deny from all
>     Satisfy All
> </Files>




More information about the Mod_python mailing list