Welcome to WebmasterWorld Guest from 23.20.223.88

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

Order allow,deny .XML per folder ?

     
7:08 pm on Nov 16, 2009 (gmt 0)

10+ Year Member



hello,

with an update for my website system i was supposed to add the following to my htaccess file:

<Files ~ "\.xml$">
Order allow,deny
Deny from all
Satisfy all
</Files>

problem now is that i have an admin area in the root that has nothing to do with that website system but the above code has a bad effect on the admin area as it reads xml files from its editor.

Question is, can i keep the code in the htaccess file and exclude /folder/whatever ?

12:28 am on Nov 17, 2009 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Sounds like the editor is configured strangely -- I can't say 'wrongly' because I can't be sure, but the editor should not (usually) be using HTTP to 'read' files, it should be using filesystem reads instead.

In .htaccess, all you've got is the <Files> container, and it means "filenames" only. That is, the contained directives are applied regardless of the directory in which the named files resides, and without regard to "who" is requesting it; The restriction above applies to any/all HTTP accesses.

You could use mod_rewrite to re-code this. The advantage would be that RewriteConds can be used to test URL-paths and/or full filepaths (including the directory-paths). Some care will be needed, though, to deny access only to those files which need to be 'protected', or conversely, to allow access only to those files which don't need protection or which must be 'public' like sitemap.xml.

Jim

1:38 am on Nov 17, 2009 (gmt 0)

10+ Year Member



Hi JD,

Well lets say my root is like public_html/here is website
But i also have public_html/admin/sales/pro
that whole part should not be effected by the code in the htaccess.
I know about the sitemap.xml , thats in public_html/component/whatever/sitemap.xml
Can you provide an example of how i should solve this ?
I have no clue where to start,and if possible a way to exclude the above 2 exceptions...

2:17 am on Nov 17, 2009 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member



You could add /admin/.htaccess :

<FilesMatch "\.xml$">
Order allow,deny
Allow from all
</FilesMatch>

This would 'reverse' the 'Deny' setting made in /.htaccess, for the /admin subdirectory only.

Jim

11:40 am on Nov 17, 2009 (gmt 0)

10+ Year Member



that indeed worked jd,thanks..
 

Featured Threads

Hot Threads This Week

Hot Threads This Month