|
Click to See Complete Forum and Search --> : /home/.htaccess gert cuykens 11-06-2005, 04:35 PM When i do /home/.htaccess the server tells me fatal error :confused: <Directory inc> Order Deny,Allow Deny from All </Directory> <Directory obj> Order Deny,Allow Deny from All </Directory> I want to protect /home/inc (php includes) and /home/obj (php classes) Stephen Philbin 11-06-2005, 10:01 PM (1) What reason does it give for the fatal error? (2) Are those Directory directives in /home/.htaccess or are they in the main httpd.conf or where? (3) Are /home/inc and /home/.htaccess child directories of the server root directory? (I would imagine they are not, it which case you need to make them available to Apache by declaring them in httpd.conf and giving them instructions on usage (like "Options" for example). bokeh 11-07-2005, 03:08 AM Here is a different line of attack. The following code if put at the top of your include will stop direct access:if(basename(__FILE__) == basename($_SERVER['PHP_SELF'])){ exit; }Better though would be put your includes in a non-public directory. If I was goint to use the above code I would probably return a 404 as follows:if(basename(__FILE__) == basename($_SERVER['PHP_SELF'])){ send_404(); } function send_404() { header('HTTP/1.x 404 Not Found'); print '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">'."\n". '<html><head>'."\n". '<title>404 Not Found</title>'."\n". '</head><body>'."\n". '<h1>Not Found</h1>'."\n". '<p>The requested URL '. str_replace(strstr($_SERVER['REQUEST_URI'], '?'), '', $_SERVER['REQUEST_URI']). ' was not found on this server.</p>'."\n". '</body></html>'."\n"; exit; } gert cuykens 11-07-2005, 07:54 AM Aldo i have no doubt that the above will work, i personaly would feel like a donkey becuase i have many include files and many obj files :D Let me asure you i am one lazy donkey who never wants to put the same lines of code twice ever. Its one of my donkey rules. gert cuykens 11-07-2005, 08:08 AM ok some clarification. 1) i dont know 2) yes does directives are from a .htaccess file in the directory where my site is located i used home because i did not want to type the full path of the location on de server , reason to long :D 3) its more like .../public_html/mysite/inc/ .../public_html/mysite/obj/ .../public_html/mysite/.htaccess PS i dont have access to the main config file (shared server) gert cuykens 11-07-2005, 08:14 AM This is the error i get http://racebikerenting.com/gert Sheldon 11-07-2005, 02:33 PM Just put bokehs code from above in a seperate file its self and include in into the top of your includes/or require even. bokeh 11-07-2005, 02:58 PM Just out of interest why are you storing these files in a public directory? gert cuykens 11-07-2005, 04:45 PM it is easier to bacup one directory,see donkey rule number two , site have to be drag and drop :D webdeveloper.com
Copyright Internet.com Inc., All Rights Reserved. |
|