Scott Silva wrote: > Or just hide it and not name it "my-sshd-access.php". It is difficult > to find a web page you don't know exists if directory listing is off. if you post your weblogs online, perhaps via an analysis package such as Analog, DO be sure to exclude this file :) I often create a hidden folder on my websites, named .secret or something, and have any logging of activity in that folder directed to a different private and secure log