 |  |  |  |  |  |  |  |
Disable access to .htaccess
 |
•
•
Join Date: Feb 2002
Posts: 12,027
Reputation: 
Solved Threads: 126
What can I do to disable public downloading of my .htaccess file? I am on a Linux box. I can't chmod the file because the web browser still needs access to it, obviously. I know that there is a line I can add to it so that it gives the user a 403 Permission Denied error upon directly accessing it, but I don't remember what it is. Anyone know?
To prevent viewing of htaccess files use:
and to prevent directory listing try:
Trey B.
Web Hosting Support
<Files .htaccess> order allow,deny deny from all </Files>
and to prevent directory listing try:
IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*
Trey B.
Web Hosting Support
•
•
Join Date: Feb 2002
Posts: 12,027
Reputation:
Solved Threads: 126
0
#3 Jul 12th, 2003
Hey there! Thanks! Helpful as always.
•
•
Join Date: Feb 2002
Posts: 12,027
Reputation:
Solved Threads: 126
I came across a cleaner way.
The [F] means to make the file forbidden.
RewriteRule ^\.htaccess$ - [F]
The [F] means to make the file forbidden.
•
•
Join Date: Feb 2002
Posts: 12,027
Reputation:
Solved Threads: 126
Oops! Just remembered the rewrite rule (using mod_rewrite) won't work unless the rewrite engine is turned on. So the code in .htaccess has to look something like this
RewriteEngine on RewriteRule ^\.htaccess$ - [F]
Unfortunately, all rewrite directives can be in the .htaccess except one.
RewriteEngine On must be in the httpd.conf of the server and not in the htaccess. Plus if you use rewrite there will be a performance penalty compared to just denying the file.
Just FYI, hope that helps.
Trey
RewriteEngine On must be in the httpd.conf of the server and not in the htaccess. Plus if you use rewrite there will be a performance penalty compared to just denying the file.
Just FYI, hope that helps.
Trey
•
•
Join Date: Feb 2002
Posts: 12,027
Reputation:
Solved Threads: 126
Hey, thanks. I thought of that one because I've been dealing with .htaccess and mod_rewrite, where it is required to put RewriteEngine on into .htaccess. Check out my post about mod_rewrite and google located here: http://www.daniweb.com/forums/thread653.html
Dani
Dani •
•
Join Date: Feb 2002
Posts: 12,027
Reputation:
Solved Threads: 126
BTW Yes, I've heard that mod_rewrite has a big performance hit to the cpu 
•
•
•
•
Originally Posted by wfwh
Can you not chmod the file to 700? i think that still allows the file to be read
Otherwise, it gives you a forbidden error.
|
Similar Threads
Other Threads in the Linux Servers and Apache Forum
- Previous Thread: Apache mod_rewrite with Google Ads
- Next Thread: Hosting a windows webpage on a linux server
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Linux Servers and Apache Posts
- Today's Posts
- Unanswered Threads
.net apache asus bbc bluegene centos cisco citrix cloud cloudcomputing datacenters debian dell desktops development distributions distros drivers economy eeepc energy enterprise fedora gadgets gentoo gos government gpl hardware hp hyper-v ibm java jobs kindle knoppix kvm laptop laptops lawsuits licensing limo linustorvalds linux linuxfoundation linuxmagazine magazines microserver microsoft mobile mobilephones netbook netbooks news novell olpc open openmoko openoffice opensolaris opensource opensuse openvz operatingsystems os patents pc pcworld plathome politics print qumranet realtimesystems redhat rhel robot russia sco server servers slackware software solaris source sun supercomputer support tivo torvalds training tv ubuntu umpc unix virtualization vmware windows x86 xandros xen