SitePoint Sponsor

User Tag List

Results 1 to 2 of 2

Thread: (.ht)access

  1. #1
    SitePoint Zealot
    Join Date
    Oct 2000
    0 Post(s)
    0 Thread(s)
    I do not understand the .htaccess "philosophy"...

    Imaging I have a CGI script running in a DIR:

    an a DIR with members (only) photos:

    I would like to limit access to the /privatephotos dir ONLY for the cgi
    script. So that no one (members included) has access to the /privatephotos
    dir EXCEPT through the cgi script? So if someone types:
    "" in his
    browser they would get an errormessage: NO ACCESS or are redirected.

  2. #2
    ComDude CryingWolf's Avatar
    Join Date
    Dec 2000
    I don't know the cat drug it in!!!
    0 Post(s)
    0 Thread(s)
    You don't really need to have cgi scripts to utilize .htaccess files. You would use cgi to say administer .htaccess files. i.e. so that your visitors can change their passwords and or add new passwords.

    .htaccess files can be used to protect a directory and thus protecting files in said directory. The .htaccess will protect every directory under which the directory under which it resides.

    Although the common use of .htaccess files is for security really it is administation file that is capable of far more then security

    If the server and .htaccess files is setup right you cannot look at the file with the direct link to said file.

    Here is an example of an .htaccess file

    AuthName "You must be a valid user"
    AuthType Basic
    AuthUserFile .htpasswd
    Order Deny,Allow
    Deny from all
    Allow from
    require valid-user
    AuthName = What is printed on the popup screen to validate user...
    AuthType = Basic (I think there is other types but this is the only one I have used)
    AuthUserFile = location and title of your password file...

    Order Deny,Allow = we first deny then we allow

    Deny from all = No one is authorized
    Allow from = ok well will allow people from that ip address. Note you can do blocks here and or domain names too...

    require valid-user = you must have a login/password to access this directory

    I am still learning all this myself but that should give you some idea???

    Links that I used to understand more,,,

    There are a few more but this will get you started

    Hope this helps


    P.S. this should really be in one of the server development forums
    body { background:#000000; color:#000000 }
    Easy come easy go!!!


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts