homepage Welcome to WebmasterWorld Guest from 54.196.63.93
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

    
Order allow,deny .XML per folder ?
john1000

5+ Year Member



 
Msg#: 4025997 posted 7:08 pm on Nov 16, 2009 (gmt 0)

hello,

with an update for my website system i was supposed to add the following to my htaccess file:

<Files ~ "\.xml$">
Order allow,deny
Deny from all
Satisfy all
</Files>

problem now is that i have an admin area in the root that has nothing to do with that website system but the above code has a bad effect on the admin area as it reads xml files from its editor.

Question is, can i keep the code in the htaccess file and exclude /folder/whatever ?

 

jdMorgan

WebmasterWorld Senior Member jdmorgan us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4025997 posted 12:28 am on Nov 17, 2009 (gmt 0)

Sounds like the editor is configured strangely -- I can't say 'wrongly' because I can't be sure, but the editor should not (usually) be using HTTP to 'read' files, it should be using filesystem reads instead.

In .htaccess, all you've got is the <Files> container, and it means "filenames" only. That is, the contained directives are applied regardless of the directory in which the named files resides, and without regard to "who" is requesting it; The restriction above applies to any/all HTTP accesses.

You could use mod_rewrite to re-code this. The advantage would be that RewriteConds can be used to test URL-paths and/or full filepaths (including the directory-paths). Some care will be needed, though, to deny access only to those files which need to be 'protected', or conversely, to allow access only to those files which don't need protection or which must be 'public' like sitemap.xml.

Jim

john1000

5+ Year Member



 
Msg#: 4025997 posted 1:38 am on Nov 17, 2009 (gmt 0)

Hi JD,

Well lets say my root is like public_html/here is website
But i also have public_html/admin/sales/pro
that whole part should not be effected by the code in the htaccess.
I know about the sitemap.xml , thats in public_html/component/whatever/sitemap.xml
Can you provide an example of how i should solve this ?
I have no clue where to start,and if possible a way to exclude the above 2 exceptions...

jdMorgan

WebmasterWorld Senior Member jdmorgan us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4025997 posted 2:17 am on Nov 17, 2009 (gmt 0)

You could add /admin/.htaccess :

<FilesMatch "\.xml$">
Order allow,deny
Allow from all
</FilesMatch>

This would 'reverse' the 'Deny' setting made in /.htaccess, for the /admin subdirectory only.

Jim

john1000

5+ Year Member



 
Msg#: 4025997 posted 11:40 am on Nov 17, 2009 (gmt 0)

that indeed worked jd,thanks..

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved