Forum Moderators: phranque
i wrote some html files which are served with some SSI templates. My server root is /var/www/ and i copied these SSI templates to /var/www/include.
This wasnīt a good idea. Everybody with for example the HTTrack Website Copier can download the include templates. Also it is possible to show the directory with [mywebsite.com...]
Can i put these files for example in /home/user1/include and only Apache can access this directory and loading the SSI templates?
What must be done that a index.html can access and load SSI templates from /home/user1/include?
My Apache is running under www-data:www-data.
/var/www belongs to user1:www-data.
I tried it with google but couldnīt find a solution. Also a site like diveintomark.org stores its SSI templates under /var/www/include. So it canīt be wrong. But in my case i donīt want this if possible.
Thanks in advance
Markus
I think that any file that is accessible via HTTP will be... accessible via HTTP. There's no good way to 'hide' things on the Web, short of password-protecting them.
You might want to look into blocking undesirable user-agents from your site using mod_rewrite and Key_Master's bad-bot script [webmasterworld.com].
Jim
