Hi,

In case this is the wrong forum for this question, please move the question where it belongs.

Question: Is it possible to have a SSI folder that is not accessible via HTTP but only via the server?

In other words, the files from the SSI folder only shows where they are included to another file - not when opened directly via a browser.

Yes. Just do not give the remote user account any permission. Only give permission to the system accounts. For me I would be giving permission (this is on a windows server mind you) to aspnet, but not the guests account.

Also if you are using asp.net you can use a machine.config to keep a data base from being acced from anyone but the server and store content in the db.

I have no idea how to set permissions on unix and linux servers. I run suse but have not setup the mono server.

Well, I have tried to experiment with the CHMOD settings of the folder containing the include files, and only full permissions for all (CHMOD 777) works. It is not possible to restrict any permissions, unfortunately.

Originally posted by philaweb
Well, I have tried to experiment with the CHMOD settings of the folder containing the include files, and only full permissions for all (CHMOD 777) works. It is not possible to restrict any permissions, unfortunately.

OK, that's not the whole picture. CHMOD 755 works as well, but it does not restrict anyone from watching the file via HTTP.

i dunno bout chmod. But an include directory can be on a completely different drive if you wanted it to, I mean I know with iis I keep my dbs outside of my root.

Only problem is that I'm on a virtual host. I have no control over what's outside the root. I can't even use paths from httpdocs to subdomains and vice versa, then it would have been easier.

Originally posted by PeOfEo

I have no idea how to set permissions on unix and linux servers. I run suse but have not setup the mono server.

It's zooper simple. ;) Just right click the folder and select "properties". That'll give toooou a window with about 5 tabs each full of options. Just select the permissions tab and do what ya like. :D

Originally posted by Mr Herer
It's zooper simple. ;) Just right click the folder and select "properties". That'll give toooou a window with about 5 tabs each full of options. Just select the permissions tab and do what ya like. :D

Using what FTP client?
Or perhaps something like a virtual host interface?

Yeah I meant whist being sat at the PC with the server on it, but I often did pretty much the same thing using AceFTP3pro on a connection to a Linux server. I just right clicked files and folders as they were listed and chose properties from the menu. It would then give you a xbox to either quickly enter the chmod number you wanted or you could use the series of tick boxes to set read, write and execute permissions and so on from that. Very simple. Even I managed it.

I do know about choosing CHMOD permissions, thank you. ;)

My problem is how I can differenciate the permissions with one set for owner (server) and another set for other (http) in connection with the use of SSI (Server Side Includes).

I would like the files in the includes folder to be read by owner (server) only and not by other (http), but when I restrict permissions for other to view, execute - the file where the includes file should be used comes up with error messages and does not show the include.

well there's chown for setting what the files belong to. Have you set ownership that way yet? I'm guessing you probably know about the chown already too, but other than that I'm not sure. I mean what would you tell that the files can only be used by the owner? Would you tell the http server or the OS or what? I'm guessing it'd be the OS (again with the chmod, only owner can read or execute). Other than that you'd need someone that knows what they're doing to help you. lol. Sorry.

Depending on how your host does CGI, you could try putting it under the cgi-bin tree where things will not be served up directly.

Thanks for your time and advice. :)

I've gotten an advice on another board, which I think would be perfect and very easy to implement.

Simply save the includes files with an imaginary file extension. The Unix server parses it, but a browser wouldn't have a clue on how to open it.

Originally posted by Mr Herer
It's zooper simple. ;) Just right click the folder and select "properties". That'll give toooou a window with about 5 tabs each full of options. Just select the permissions tab and do what ya like. :D I do not use apache... I use IIS. You for get I am an asp/asp.net man.

No that's not for apache man. That's just SuSE in general. That's just a quick and easy way of setting file permissions. I just misunderstood what you were saying.

Originally posted by Mr Herer
No that's not for apache man. That's just SuSE in general. That's just a quick and easy way of setting file permissions. I just misunderstood what you were saying. You forget... I am an IIS man. IIS does not run from suse. I have suse linux on this box (I am going to switch to mandrake tomorrow infact) but I have never needed to play with file permissions.