[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Fetching .htaccess and .htpasswd files
- Subject: Re: [cobalt-users] Fetching .htaccess and .htpasswd files
- From: "J. Masterson" <masterson@xxxxxxxxxxxx>
- Date: Thu Mar 9 09:33:33 2000
Here's another way (inside your .htaccess file):
<FilesMatch "^\.ht">
deny from all
</FilesMatch>
"Neil J. Kemp" wrote:
>
> Easiest way is not to put the .htpasswd file in the web tree at all. Store
> it in the /home/sites/sitexx directory NOT the /home/sites/sitexx/web. The
> server will still be able to read it (modify the .htaccess file
> acccordingly to the new path) but noone can download it from the web.
>
> Incidently to my knowledge people can ONLY download a .htaccess file from
> a directory IF they have previously authenticated anyway.
>
> --Neil
>
> On Thu, 9 Mar 2000, manitu wrote:
>
> > Hello all,
> >
> > I just noticed that everybody can fetch a .htpasswd and .htaccess file via
> > the web if they are located in the /web directories on a RaQ2.
> >
> > Does anybode know how to config the server not to deliver files beginning
> > with a dot via the web ?
> >
> > Thanks
> > Manuel
> >
> >
> > _______________________________________________
> > cobalt-users mailing list
> > cobalt-users@xxxxxxxxxxxxxxx
> > To Subscribe or Unsubscribe, please go to:
> > http://list.cobalt.com/mailman/listinfo/cobalt-users
> >
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
--
John Masterson
Web Developer
WAM!NET Missoula
masterson@xxxxxxxxxxxx