Welcome to WebmasterWorld Guest from 54.196.244.186

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

htaccess protecting a directory

got it working for a file, but not a full directory -?

     
8:23 am on Aug 5, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 25, 2000
posts:663
votes: 0


I have used htaccess/htpasswd to protect specific files, but I can't figure out how to protect an entire directory. That is, without actually putting the htaccess in the directory in question. I'd like to keep my htaccess at the root.

Here's what I use to protect a specific file:

<Files ~ "file_to_protect.cgi">
AuthName "Only Authorized persons!"
AuthType Basic
AuthUserFile /path/.htpasswd
<Limit GET POST>
order allow,deny
allow from all
require valid-user
</Limit>
</Files>

I have to project several directories, and wanted to do it in a central location, at the root. Or is it a better idea to put a htaccess file in each directory.

10:49 pm on Aug 5, 2003 (gmt 0)

Administrator

WebmasterWorld Administrator coopster is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:July 31, 2003
posts:12533
votes: 0


The .htaccess file directives carry through from the first folder on through the *directory* tree. Therefore, if you have your directory of *my_www_root* and create an .htaccess file in it, it applies to every file and directory under that. For example, you create a sub-directory of *myprivatestuff* and the .htaccess file in *my_www_root* applies to that as well. Here is a sample .htaccess file you might place in *my_www_root*:

AuthUserFile /my_server/somewhere_outside_my_public_access_area/.htpasswd
AuthGroupFile /dev/null
AuthName "Somewhat Secure Area"
AuthType Basic

<Limit GET POST>
require valid-user
</Limit>

You may want to start here [httpd.apache.org...] to learn more and then work your way into the right solution for you.

11:30 pm on Aug 5, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 15, 2003
posts:2395
votes: 0


louponne:
>> I have to project several directories, and wanted to do it in a central location, at the root. Or is it a better idea to put a htaccess file in each directory.

It's your choice, you can do both. First option gives easier maintenance.

Here's the exact method you are looking for: [httpd.apache.org...]

/claus

5:44 am on Aug 6, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 25, 2000
posts:663
votes: 0


I have to project several directories, and wanted to do it in a central location,...gives easier maintenance.
[httpd.apache.org...]
Thanks! I sure looked for that on the apache site, but didn't find it :(

One last question. How to include 2 directories.
I know *now* that to protect a directory, I do
<Directory directoryname> ... </Directory>

I suppose I can't just to

<Directory directoryname,otherdirectoryname> ... </Directory>

How to do it?

9:18 am on Aug 6, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 15, 2003
posts:2395
votes: 0


Just set up two directory-blocks (one below the other) in your .htaccess fileŽ- then you can specify separate access rights for each.

/claus

4:38 pm on Aug 6, 2003 (gmt 0)

Preferred Member

10+ Year Member

joined:May 14, 2003
posts:376
votes: 0


here's another question in this same vein...

if i have a htaccess in the root and put a htaccess in a subdirectory, do the root's setting still carry into the subdirectory? i'm not explicitly turning off any of the previous settings... just adding to them... or do i need to put in a complete htaccess with the previous settings and the new ones?

hope that makes sense...

5:05 pm on Aug 6, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 25, 2000
posts:663
votes: 0


Thanks, everyone, for your replies! :)
10:29 pm on Aug 6, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 15, 2003
posts:2395
votes: 0


wkitty42
>> do i need to put in a complete htaccess with the previous settings and the new ones?

As far as i know yes - lower level overrules higher level. To test it, place a blank htaccess inside a subdirectory of a password protected directory, then try requesting the sub directly (without going through the password protected directory). Possibly this behavior can be turned off somehow - others may know as i've never tried to do it.

Anyway, you can use the <Directory> ... </Directory> in your root to make separate (additional) settings for subfolders.

/claus

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members