html - Possible to view PHP code of a website?

Question

Is it possible to somehow view another websites php files/codes?

Or to rephrase the question, Can my php codes be viewed by anybody except for those who have access to the file?

If so, how can I best prevent this?

Ps: Server OS is Ubuntu 9.10 and PHP version is 5+ (Apache2)

Answer 1

A bug or security vulnerability in the server (either Apache or the PHP engine), or your own PHP code, might allow an attacker to obtain access to your code.

For instance if you have a PHP script to allow people to download files, and an attacker can trick this script into download some of your PHP files, then your code can be leaked.

Since it's impossible to eliminate all bugs from the software you're using, if someone really wants to steal your code, and they have enough resources, there's a reasonable chance they'll be able to.

However, as long as you keep your server up-to-date, someone with casual interest is not able to see the PHP source unless there are some obvious security vulnerabilities in your code.

Read the Security section of the PHP manual as a starting point to keeping your code safe.