|htaccess protecting a directory|
got it working for a file, but not a full directory -?
I have used htaccess/htpasswd to protect specific files, but I can't figure out how to protect an entire directory. That is, without actually putting the htaccess in the directory in question. I'd like to keep my htaccess at the root.
Here's what I use to protect a specific file:
<Files ~ "file_to_protect.cgi">
AuthName "Only Authorized persons!"
<Limit GET POST>
allow from all
I have to project several directories, and wanted to do it in a central location, at the root. Or is it a better idea to put a htaccess file in each directory.
The .htaccess file directives carry through from the first folder on through the *directory* tree. Therefore, if you have your directory of *my_www_root* and create an .htaccess file in it, it applies to every file and directory under that. For example, you create a sub-directory of *myprivatestuff* and the .htaccess file in *my_www_root* applies to that as well. Here is a sample .htaccess file you might place in *my_www_root*:
AuthName "Somewhat Secure Area"
<Limit GET POST>
You may want to start here [httpd.apache.org...] to learn more and then work your way into the right solution for you.
>> I have to project several directories, and wanted to do it in a central location, at the root. Or is it a better idea to put a htaccess file in each directory.
It's your choice, you can do both. First option gives easier maintenance.
Here's the exact method you are looking for: [httpd.apache.org...]
|I have to project several directories, and wanted to do it in a central location,...gives easier maintenance. |
Thanks! I sure looked for that on the apache site, but didn't find it :(
One last question. How to include 2 directories.
I know *now* that to protect a directory, I do
<Directory directoryname> ... </Directory>
I suppose I can't just to
<Directory directoryname,otherdirectoryname> ... </Directory>
How to do it?
Just set up two directory-blocks (one below the other) in your .htaccess fileŽ- then you can specify separate access rights for each.
here's another question in this same vein...
if i have a htaccess in the root and put a htaccess in a subdirectory, do the root's setting still carry into the subdirectory? i'm not explicitly turning off any of the previous settings... just adding to them... or do i need to put in a complete htaccess with the previous settings and the new ones?
hope that makes sense...
Thanks, everyone, for your replies! :)
>> do i need to put in a complete htaccess with the previous settings and the new ones?
As far as i know yes - lower level overrules higher level. To test it, place a blank htaccess inside a subdirectory of a password protected directory, then try requesting the sub directly (without going through the password protected directory). Possibly this behavior can be turned off somehow - others may know as i've never tried to do it.
Anyway, you can use the <Directory> ... </Directory> in your root to make separate (additional) settings for subfolders.