Is there any need for .htaccess files in directories higher than that where index.html is placed?
I found such a file one level higher after a FileZilla accident (my fault; not Filezilla's) and suspect it should be deleted.
The .htaccess file has an effect on the directory it's in and all the descendent directories. You would need another .htaccess in a sub-folder if it was altering rules or adding new ones to what was inherited from its parent directory.
To expand on this based on more info from below: If the .htaccess files are in directories above your hosting dir, they will have an effect. However you should not amend or delete files on shared servers that you don't have direct authorization to. Check with your host or sysadmin - maybe those files need to be there, or perhaps they can be tidied up. In any case you can override .htaccess rules with a .htaccess file in the subdirectory.
Related
I am working on a webpage that uses CKEditor for editing pages' text content and I have found out that although the listing of the DIRs is denied people can still open specific files directly (publicly) if they know exactly where those files reside thus they could change the content to whatever they want (a.k.a. hackers paradise)!
I am looking for an htaccess solution file placed in the root of my webpage (alongside the index.php) and using mod_rewrite (as I already have some rules in place with this specific syntax) in a style of:
RewriteCond
RewriteRule
Specifically, I just need to deny public access to all the files in all the directories and subdirectories in ./js/ckeditor (basically everything in and behind ckeditor directory)
I did search for the solution on the internet but all I could find was how to deny access to subdirectories, not all files in all the subdirectories of one directory.
I have my website hosted on 1and1 servers and I want to adjust some settings in a php.ini file. I can create the file and it is being interpreted correctly but only for the immediate directory not for any subdirectories. I would like to not have to copy the php.ini file into every single subdirectory. The only way I have seen to do this from googling is to add the following to the .htaccess file
suPHP_ConfigPath /path/to/htdocs/php.ini
I have an .htaccess file and the different directives I have in there are being interpreted correctly but when I add that line it causes a 500 Internal Server error.
Can anyone suggest what I can do so that the php.ini settings are used in all the subdirectories without having to duplicate the php.ini file into all the subdirectories?
You could create soft links in each folder to your main php.ini. 1and1 disallows many directives in their .htaccess files. 1and1's support site has more information.
The suPHP is evaluated in a .htaccess PerDir context. If you want to have different ini files for different directories then you need to use a separate .htaccess in each relevant directory. By default Apache will use the lowest .htaccess on the request URI's path that it can find. Alternatively if you have a systematic naming convention for the filenames, then you ban place the different suPHP directives in different directives.
In my application I have separate spaces for user and admin like
if www.example.com is my website, then www.example.com/admin is my admin URL.
I am using a .htaccess file in my root, and it affects some of the functionality in my admin folder, which I don't want to.
For example, consider below is my folder structure
..
.htaccess
index.php
admin
So if I don't want the .htaccess rules to apply within the admin folder, is there any way?
For people that don't have direct access to httpd.conf (shared hosting for example), just put another .htaccess file in the subfolder and set to the desired behavior.
You should be able to do this, but it does require write access to the httpd.conf configuration.
If you have access to the httpd.conf file, something like
<Directory /admin>
AllowOverride None
</Directory
should do the trick.
Also, note that using .htaccess files in the root directory (as you said you did) is not a recommended approach. You'd be better off moving the contents of the htaccess file into the proper contexts of the httpd.conf file.
More information can be found at http://httpd.apache.org/docs/2.2/mod/core.html#allowoverride
I have an .htaccess file in the folder called folder and another file, called form.html in the same folder
When I try to reach the folder (by entering http://blablabla/folder/), it does block the access and I am getting an error 403 but when I enter the exact URL of the file http://blablabla/folder/form.html anf hit enter, I can access the file as easily as if I haven't put any .htaccess file.
Am I doing something wrong?
Am I missing something, should I use something like or
Sorry if the question is really basic...
.htaccess is a container for directives for your apache web server that apply to that directory and below only. What directives have you got in your .htaccess file?
The behaviour you outline above is how apache should behave with no .htaccess folder.
What is it that you are wanting to happen?
Ola there
I run several domains under the same shared hosting account, so I have the following files:
/home/joe/domain1.com/.htaccess
/home/joe/domain2.com/.htaccess
/home/joe/domain3.com/.htaccess
Each file contains duplicate data (stuff like deny from stupid.web.bot).
Is there any way to have a single file that's shared across multiple .htacess files? (something like bash's source command)
Use httpd.include vhost configuration files (as found in /etc/httpd/conf.d/vhosts.conf on RHEL systems) - these are preferable to .htaccess as they are loaded at server start and not dynamically, allowing .htaccess to be disabled and one less filesystem lookup required per directory lookup.
Not all configuration directives can be used in .htacess and httpd.include, check the manual for specifics. Directory commands are fine.
Use the include directive in your httpd.include to include a base config file with common rules.
If they just need to have exactly the same contents you could make a master.htaccess and just symlink it into each folder?
Specify the settings for all domains in your Apache configuration
<Directory /home/joe>
deny from stupid.web.bot
</Directory>
You can put a common .htaccess file in their parent directory: /home/joe.