|
Home > Archive > Apache Server configuration support > December 2007 > .htaccess Password Protect all but one folder
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
.htaccess Password Protect all but one folder
|
|
| jephperro 2007-12-20, 1:30 pm |
| Hi there,
I need to password protect a website using .htaccess so that it's not
accessable to the outside world. But I have one webpage, in one
directory that needs to be accessable to the whole world.
How can I go about doing this? I want to make the webpage "/show/
test.php" available to everyone, but everything else should require
valid-user.
Thanks,
jeff
| |
| Brendan Gillatt 2007-12-20, 7:24 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
jephperro wrote:
> Hi there,
>
> I need to password protect a website using .htaccess so that it's not
> accessable to the outside world. But I have one webpage, in one
> directory that needs to be accessable to the whole world.
>
> How can I go about doing this? I want to make the webpage "/show/
> test.php" available to everyone, but everything else should require
> valid-user.
>
> Thanks,
>
> jeff
Have a look at the example 'Removing controls in subdirectories' just after:
http://httpd.apache.org/docs/2.2/mod/core.html#require
in the Apache docs.
- --
Brendan Gillatt
brendan {at} brendangillatt {dot} co {dot} uk
http://www.brendangillatt.co.uk
PGP Key: http://pgp.mit.edu:11371/pks/lookup...arch=0xBACD7433
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)
iD8DBQFHat1okA9dCbrNdDMRAkEJAKDjW3adw/egneOl4LvPfdzyUMG1NwCffFj6
XFXAN7G/01J6RTpZ7ixZejw=
=MVVx
-----END PGP SIGNATURE-----
| |
| jephperro 2007-12-20, 7:24 pm |
| Thanks Dude,
By the way, there is a much simpler solution.
There is an .htaccess file in the root protecting the whole site.
I just created an .htaccess file in the directory that I want to be
unprotected with:
Satisfy Any
Allow from all
That's it.
I just learned that the closest .htaccess file is the one that
controls what happens to that directory. Check it out:
http://www.javascriptkit.com/howto/htaccess.shtml
Thanks,
Jeff
On Dec 20, 1:23 pm, Brendan Gillatt
<brendanREMOVET...@brendanREMOVETHISgillatt.co.uk> wrote:
>
> jephperro wrote:
>
>
>
>
>
> Have a look at the example 'Removing controls in subdirectories' just after:http://httpd.apache.org/docs/2.2/mod/core.html#require
> in the Apache docs.
>
> - --
| |
|
| "jephperro" <jeff.perreault@gmail.com> schreef in bericht
news:c96dd2e6-ce51-4368-ada2-b3cd6b5a17c0@a35g2000prf.googlegroups.com...
> By the way, there is a much simpler solution.
>
> There is an .htaccess file in the root protecting the whole site.
>
> I just created an .htaccess file in the directory that I want to be
> unprotected with:
> Satisfy Any
> Allow from all
>
> That's it.
The result of using either .htaccess or <directory ...>-block is close to
identical.
However, if you have access to the config of an Apache server or site you
should not use .htaccess for security settings:
- loss [of access] of a .htaccess may cause a security breach
If you can do without, just disable it and gain some performance:
- if enabled a request will check each folder starting at the document root
and walking downward for a .htaccess
HansH
|
|
|
|
|