Is it possible to protect specific directories with a single .htaccess and .htpasswd file?
I can only seam to find the ability to protect single files, or an entire directory (and it's sub directories)?
E.g .htpasswd in /public_html/myfolder
and protect
/public_html/myfolder/secret
/public_html/myfolder/admin
but not
/public_html/myfolder/mypublicfiles
htaccess files are a per directory options, it's sort of like a <Directory> block but defined by where you put the htaccess file. So you can't arbitrarily setup HTTP authentication on a directory other than the directory that the htaccess file is in.
Related
I have 2 directories in my public_html directory as MainSite & OtherSite.
Now I want the following:
1 If a user enters my domain on it's root address, for instance www.example.com he must be redirected to my MainSite directory as I have all of the contents there.
2- But if user enters a subaddress, i.e. www.example.com/othersite, then he must be redirected to the OtherSite directory.
I know 1 can be done easily by pointing this folder for my main domain then in this case where to put my htaccess file and what do I write in that?
I don't want any other directory or sub directory contents to be disturbed.
So, what is a better approach?
I want to prevent uploading files to a specific directory,
as I already have some php and html files in this directory.
I was trying .htacess:
Options -Indexes
<Files *>
deny from all
</Files>
This is working, but makes me unable to open any files from the folder.
I then tried with this:
<Files *.php>
deny from all
</Files>
But then I cannot start index.php in this folder...
Can anyone help me?
If you're on Linux, use the chmod command to disable uploads, but still leave browsing enabled.
Use it like this: chmod 755 directory_path or chmod 555 directory_path. You may need to become root in order to make these changes, depending on your setup.
The first chmod command in this example allows only the directory owner to upload files, others can only read the directory contents. The second chmod command doesn't allow anyone to write to this directory. For more information, use man chmod inside your shell.
I have a directory called "files" that contains an .htaccess file with the following rule:
RewriteEngine On
RewriteBase /
RewriteRule ^(.*)$ /assets/secure.php?f=$1 [NC,L]
So when a user tries to view any file within the files directory they are redirected to /assets/secure.php file. This file is meant to check permission on the user but to simplify it all it does now is prints the file name that the user tried to access.
secure.php code
$f = $_GET['f'];
echo 'file Name: '.$f;
The "files" directory contains other directories with chmod permissions of 770. Now if i try and view a file in one of these 770 directories I get a 404 file not found. I've I make it world executable then it echos out the file name as expected.
This set up was working fine on another set up so guessing it's down to ownership or something. But they all seem to have same group and owner.
The server is apache with cpanel installed.
Any ideas?
How to find all files in non readable directory
For example directory /home is locked perm 40700
But I can read all files in this directory like
/home/index.php and etc
How to list all files in this directory?
I tryed ls and find function do not want to find thoose files
The r permission of folders determines whether you can list the contents. If a folder has x but not r, then you can access files as long as you know their names.
An example for this is to allow users to publish HTML documents in their home folders. For this, set the permissions for /home/user to rwx-----x and /home/user/public_html to rwx---r-x
That way, the HTML server can access the folder (it can walk though your home folder) but it can't see any files outside of the public_html folder.
is it possible to mirror directory with htaccess?
For example:
/folder1 <= is empty
/folder2/blah/blah <= here is content
I want folder1 to display folder2 contents. So that when you go to folder1/ you can navigate to folder1/blah/blah/files
is this possible?
Alias can do this, although folder1 shouldn't exist for it to work:
Alias /folder1 /folder2/blah/blah
In .htaccess files, you can only Alias to a directory inside the web root.
It doesn't always work in .htaccess files, depending on the server configuration.
In the central configuration, you may have to use an absolute path as the Alias target.