File accessible despite .htaccess rules

Forum Moderators: phranque

Message Too Old, No Replies

File accessible despite .htaccess rules

DRM php file resolves without password prompting

xeyednkrazy

10:46 pm on Jul 20, 2006 (gmt 0)

I won't deny i'm new to all this, but my problem seems so fundamentally at odds with anything i've learned so far, i'm at a complete loss.. as such, i'm turning to you guys for some help.

my .htaccess file, located in /members

AuthName "Restricted Area"
AuthType Basic
AuthUserFile (my_password_directory)
AuthGroupFile /dev/null
require valid-user

<limit GET POST>
require valid-user
</limit>

<Files .htaccess>
order allow,deny
deny from all
</Files>

Everything has been working perfectly so far, EXCEPT for my DRM license php file, which, located at /members/drm/, is accessible, while other files in that directory are not. Furthermore, regardless of which subfolder i place it in, it's still accessible, while. I have NO other .htaccess files in place that could override the rules. I'm stumped!

-My host: Godaddy (yes, i'm cheap, for now)

I've tried to research this myself to no avail, so any input would be greatly appreciated.

Thank you!
~Chris

encyclo

1:01 am on Jul 23, 2006 (gmt 0)

Welcome to WebmasterWorld xeyednkrazy! How is the DRM license file accessed exactly? Is it viewed directly in the browser like any other page, or is it called from other pages or other devices?

If the other files in the directory are successfully blocked by the .htaccess rule, I get the impression that the request for the DRM file is not being handled by Apache but by another process - and if that is the case, then you can't use an Apache rule to block access.