[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] .htaccess showing - how to prevent this?

Subject: RE: [cobalt-users] .htaccess showing - how to prevent this?
From: "Ligard, Vidar" <vligard@xxxxxxxxx>
Date: Thu Aug 28 11:07:01 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

> -----Original Message-----
> From: Greg Hewitt-Long [mailto:cobaltusers@xxxxxxxxxxxxxxxxxxx] 
> Sent: Thursday, August 28, 2003 1:02 PM
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: [cobalt-users] .htaccess showing - how to prevent this?
> 
> 
> I think I just discovered something that isn't supposed to 
> happen... I can't find a reference to it anywhere... so here goes..
> 
> I inadvertently typed a \ after deleting part of a URL, and I 
> got the .htaccess file to show - this could be bad news for 
> some sites, showing the location of .htpassword files etc
> 
> Check it out:
> 
http://www.webyourbusiness.com/\

Now - surely this IS NOT supposed to happen!  Any ideas on how to turn this OFF??

I've got this in my /etc/http/conf/http.conf file:
    543 #
    544 # The following lines prevent .htaccess files from being viewed by
    545 # Web clients.  Since .htaccess files often contain authorization
    546 # information, access is disallowed for security reasons.  Comment
    547 # these lines out if you want Web visitors to see the contents of
    548 # .htaccess files.  If you change the AccessFileName directive above,
    549 # be sure to make the corresponding changes here.
    550 #
    551 # Also, folks tend to use names such as .htpasswd for password
    552 # files, so this will protect those as well.
    553 #
    554 <Files ~ "^\.ht">
    555     Order allow,deny
    556     Deny from all
    557     Satisfy All
    558 </Files>

Vidar

thanks

Greg Hewitt-Long
-- 
E-Commerce Software & Web Design Services. http://webyourbusiness.com Reliable Web Hosting from $4.99/month - http://www.aaabusinesshosting.com/
Domain Registration from $13/year - http://aaabusinesshosting.com/domains/
     TF: 1-877-416-8655   PH: (970) 266-0195   FAX: (970) 266-0158

_____________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to: http://list.cobalt.com/mailman/listinfo/cobalt-users

Follow-Ups:
- RE: [cobalt-users] .htaccess showing - how to prevent this?
  - From: Greg Hewitt-Long

Prev by Date: [cobalt-users] .htaccess showing - how to prevent this?
Next by Date: Re: [cobalt-users] .htaccess showing - how to prevent this?
Previous by thread: Re: [cobalt-users] .htaccess showing - how to prevent this?
Next by thread: RE: [cobalt-users] .htaccess showing - how to prevent this?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index