|Order allow,deny .XML per folder ?|
with an update for my website system i was supposed to add the following to my htaccess file:
<Files ~ "\.xml$">
Deny from all
problem now is that i have an admin area in the root that has nothing to do with that website system but the above code has a bad effect on the admin area as it reads xml files from its editor.
Question is, can i keep the code in the htaccess file and exclude /folder/whatever ?
Sounds like the editor is configured strangely -- I can't say 'wrongly' because I can't be sure, but the editor should not (usually) be using HTTP to 'read' files, it should be using filesystem reads instead.
In .htaccess, all you've got is the <Files> container, and it means "filenames" only. That is, the contained directives are applied regardless of the directory in which the named files resides, and without regard to "who" is requesting it; The restriction above applies to any/all HTTP accesses.
You could use mod_rewrite to re-code this. The advantage would be that RewriteConds can be used to test URL-paths and/or full filepaths (including the directory-paths). Some care will be needed, though, to deny access only to those files which need to be 'protected', or conversely, to allow access only to those files which don't need protection or which must be 'public' like sitemap.xml.
Well lets say my root is like public_html/here is website
But i also have public_html/admin/sales/pro
that whole part should not be effected by the code in the htaccess.
I know about the sitemap.xml , thats in public_html/component/whatever/sitemap.xml
Can you provide an example of how i should solve this ?
I have no clue where to start,and if possible a way to exclude the above 2 exceptions...
You could add /admin/.htaccess :
Allow from all
This would 'reverse' the 'Deny' setting made in /.htaccess, for the /admin subdirectory only.
that indeed worked jd,thanks..