Well, as a start please excuse me for my beginner English..
I want to know more about security in PHP MVC applications
I've created my own MVC, I still haven't finished it.
My application directory is exposed by URL access with child elements.
How to make this hidden from visitors?
Following is what I am trying
Apache mod_rewrite ?
I still don't know to make it empty index.html in each folder like the framework Codeigniter ?
What to use for something to indicate ? and, ... how to make ?
Edit
I know a litte something about rewrite_rules
Below is my .htaccess
Options -MultiViews RewriteEngine On RewriteBase /ligia #RewriteCond %{REQUEST_FILENAME} -f [OR] #RewriteCond %{REQUEST_FILENAME} -l [OR] #RewriteCond %{REQUEST_FILENAME} -d #RewriteRule .+ - #I know, it is commented RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-l RewriteRule "^(.+)$" "index.php?uri=$1" [QSA,L]
But I am afraid if this is the best way to hold my MVC application security!?
I need help!