Web Servers on Unix and Linux - Re: .htaccess prevents itself from being viewed but not "sess*" files in dir

This is Interesting: Free IT Magazines  
Home > Archive > Web Servers on Unix and Linux > December 2006 > Re: .htaccess prevents itself from being viewed but not "sess*" files in dir





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Re: .htaccess prevents itself from being viewed but not "sess*" files in dir
HansH

2006-12-07, 7:27 pm

<phillip.s.powell@gmail.com> schreef in bericht
news:1165529250.835286.151950@l12g2000cwl.googlegroups.com...
> What I tried doing was this, out of desparation:
>
> <Files>
> order allow,deny
> deny from all
> </Files>
What files are to be denied without specifying a filename ??
Test for me
<Files ~ ".">

> And even then all session files were still viewable. That's when I
> concluded perhaps it is due to the nature of how php names its session
> files (no php session file has any extension, just a name),
Thinking name-dot-extention ... is a MicroSoft doctrine.


BTW your sess* files are at the document_root ...???
If not, try
<Location /<folder>/>
order allow,deny
deny from all

HansH
</Location>


Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com