I am using Apache with Kerberos security enabled. The http page simply lists the directories contained in /var/www/html. I want to make only one of the directories in the document root secured so that when someone clicks on it, it requires him/her to enter credentials. Right now when I place the .htaccess file in the directory I want to protect, the directory is hidden from the list and the user has to enter the whole path to get authenticated and access the files.
I've tried Options +Indexes which was posted all over the net, but it didn't work.
I need to redirect through a .htaccess file in my root folder. The redirect needs to be done from http://www.department.univeristy.edu/reuir to a different server [url]. I am having trouble in determining the pattern that is required for it to take effect.
In my nagios server, an htaccess file have been created for it so any time you want to open it, a window opens for you to enter user name and passwords. Now, what I want to do now is to integrate the nagios into a portal that is written in php so that when customers login to the portal, they can access the nagios with out it popping out the user and password windows. What is going to happen is, the password of nagios will be store in an orient database so the users when they try to access nagios true the portal, they will be login automatically.
I have a site hosted on a cheap hosting company and I need to allow write access to certain users in certain directories, sometimes on a file basis.
Q: how do I do that in a .htaccess file?
I have never used .htaccess although from what I read it looks straightforward but when I try it, I get a "500 server error" even with the example .htaccess file the hosting company suggested I use. (I have informed the host as they require and am awaiting their answer)
The site is automatically set up with a couple of dot file in the root directory when I got it, they are:
I installed AWSTATS on my LAMP 10.04 LTS and followed several tutorials URL...) but I can't secure the folder, either by an alias or by .htaccess. I tried both methods manually and by using Webmin.If you go to the URL www.mywebsite/awstats/awstats.pl it shows up, which is good, but this is the default installation site and anyone who knows awstats could possibly see my stats. The conf folder is /etc/awstats/, and I did an alias for that, then .htacess, but neither worked. With the .htaccess, I would get a password promt but the full stats page was visible behind the password promt, and if you clicked "Cancel" about 20 times or so the promt would go away and the full stats page would be visible.
The actual file that powers awstats is in /usr/share/lib/cgi-bin/awstats.pl, and I also tried an Alias and .htaccess seperately and neither worked.I restarted apache2 after each change and I've searched several forums, but I still can't figure this out.
the questions is how to get per directory config working for lighttpd? so far from googling i've seen people trying to use conditionals to match certain rules for a vhost , but i don't think that messing around with the main config file for each directory/vhost/whatever is such a good idea.
More importantly , i'm looking for a standardized method to achieve this which would work by simple putting an htaccess-like file into a directory and do the magic. i'm not interested in maintaining apache htaccess syntax , only to get the per directory config to work regardless of the syntax used.
I am still probably of the windows mindset when it comes to security. I ran rootkit this morning and received the following error messages;
[09:43:49] /usr/sbin/unhide [ Warning ] [09:43:49] Warning: The file '/usr/sbin/unhide' exists on the system, but it is not present in the rkhunter.dat file. 09:43:49] /usr/sbin/unhide-linux26 [ Warning ]
Is anyone here fluent with the usage of the .htaccess file? Is it the way to go to deter search bots or is there a better method? Never mind. I already have a thread about .htaccess here.
I am running into a very strange problem where my my .htaccess file keep getting deleted.Attempted scenarios ftp upload file.txt rename to .htaccess ftp upload .htaccess ssh - wget url/.htaccess ssh - wget url/htaccess.txt, rename to .htaccess
I looked at my apache2 logs. Code:[Wed Mar 10 01:56:34 2010] [crit] [client 192.168.1.100] (13)Permission denied: /home/user/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable the server is located at /etc/apache2 the default place.
I couldn't help but notice that there are some lines in the default file that resemble those that should be in a htaccess file.
AllowOverride None Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all
[Code]...
If I am running multiple virtual hosts, what happens to the default file? When I put my ip into a browser "http://ip.ip.ip.ip" I get a forbidden message. but all URLs point to where they are supposed to... Maybe its because I don't have an index file in the www folder.. (not at the machine, will try it later to see what happens).
I tried to force download of certain file types - pdf,doc,jpg - instead of opening them in applications. I used AddType application/octet-stream .pdf and AddType application/force-download .pdf but it doesnt works. Has anybody an idea how to solve this problem?
I would like to share some files with my customers. I would like to be able to give them different passwords with different rights. I would like to know which customers have downloaded the files, how many times and from wich ip. I would like to let the customer download a file just a number of times.(optional) I would like to be able to upload from web (optional) And with a polite presentation to the customer.Does it exists? Yes. I'm asking for something better and I hope somebody used it and is still happy with it.
I want to give a 404 error when the index.html file is requested, i already know how to do this in php, but i cant seem to locate any information about how to do it in htaccess. I thought about just redirecting index.html to a page that dose not exist, but i would like to do it correctly from the start.
I have created a sub directory on my box on a website for my company. It is a page that has links to my tools I want to use when I do service calls. Links that connect to my servers webmin etc. Of course I don't want them found by webcrawling bots. I have created a .htpasswd file using htpasswd -c /location/to/file/.htpasswd.
This file is located outside the web. Just under the public_html folder. Then I went to the sub directory I want to protect and added a text file named .htaccess. It contains:
I also opened the httpd.conf and changed AllowedOverride to All
The error document doesn't work either.
I then restarted the httpd service. I try to access the site and it lets me right in without asking for a password. It is apache 2xxx on Centos 4.5. Webmin under Apache confifirms all this.
I want to use rewite module to change my site url from site/index.php to site/cat/ for example I have created .htaccess file in the directory where the file is and add to it:
Code:
RewriteEngine on Rwerite ^cat$ /site/index.php
Here site is not my site, it just in example. I have rewrite.load in the loading list of modules and I can see it loads in phpinfo(). AllowOverride is set to All for the current site, but no redirect is made on site/cat
I have a blog on my site and am using htaccess rewrite rules to block all those nasty scripts from trying to execute various things mostly relating to phpmyadmin and wordpress. This has reduced my httpd error logs to less than half from before.
Am trying to come up with a rule to rewrite all calls to certain files if they are not originating from my domain, here is how it looks right now but it's not working as I can see scripts trying to hit "wp-comments-post.php" getting a 500 Internal Server Error.
I create and edit .htaccess file under /var/www/html/ directory, everything goes well as expected. The corresponding snippet of /etc/httpd/conf/httpd.conf:
I have searched high and low both on this website and the big G and nothing.I have a VPS with fresh CentOS 5.5 install and can't seem to get the server to act on the htaccess file.
After moving a website folder on my local development machine to another drive, then moving it back, I got a 403 error. Most of this problem had probably to do with rights that got messed up. After deleting the code and restoring it from SVN, the rights seemed allright. The error stayed however.
The setup is a bit complex, as follows:
I have Ubuntu 10.4 as development machine, trying to mimic the server as much as possible We use Eclipse + SVN and I create all projects in a local folder under my user account In /var/www-vhosts I create folders for each vhost, like this one: test.localhost test.local/index.php: includes the index file of the project test.local/.htaccess is a dynamic link to the htaccess file in a project subfolder
I get the following error in the apache error log:
The problem seems to be the .htaccess file, or the link to it. When I empty the htaccess, nothing changes When I remove the link, the index-include produces some output (in the apache error log) When I remove the link and replace it with the actual file, I get another error:
I have a folder on my server i want to protect with http authentication but i have problem. i created a password htpasswd -c .htpasswd razzera
then i created a .htaccess file in the folder and added AuthType Basic AuthName "Restricted Files" # (Following line optional) AuthBasicProvider file AuthUserFile /.htpasswd Require user razzera
but when i go tho the folder it wont request any login details. why ??
I have recently merged two Joomla 1.0 sites I ran into one. I imported the articles I wanted to keep to the new site, and I have the old site's domain pointing as an alias at the new site. The new site is www.theouthousers.com . The old site was www.bludblood.com .
I also have the core SEF URLs on, using the htaccess.txt file that came with Joomla.
I have one writer for the old site who linked to his articles in various places, so I am trying to set up redirects for him so that he doesn't have to change all of his links.
To redirect to the equivalent location on the new site:
[url]
And I also need specific links like:
[url]
To redirect to their new counterparts:
[url]
Keeping in mind that www.bludblood.com is now an alias of www.theouthousers.com, is there any way to do this? I have been trying with rewrite rules and redirects, and cannot seem to achieve the desired effect.
Tried various versions of:
Code: Redirect [url] [url]
With the http, without, as regexps, as 301s, as permanents, etc, and it just will not work. Also tried as RewriteRule.
My Pastebin for .HTACCESSIf you can offer any tips on improvements..but the main reason: I cannot get the bots to stop showing up.Esp the first one in the list.I need to block these two specifically
Code: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8 &
I have a CentOS 5.5 Server and I'm hosting 3 different Name-based Virtual Hosts. Using Joomla 1.5 for the site. Each VHost has it's own subdirectory under /var/www so I have .var/www/vhost1, /var/www/vhost2 etc.
It works perfectly, but I'm getting a lot of unwelcome spiders and bad bots trawling for MP3 files because there are a few MP3 files on one the sites. I've added all the Bad Bots to my .htaccess file and now I need to know if I should make only ONE .htaccess and put it under /var/www OR create a different .htaccess file for each vhost (this would be an ideal solution, but I'm not sure if it can be done).
I have checked and double checked the .htaccess and httpd.conf to make sure everything is correct and I'm sure it is. I have AllowOverride set to All in the httpd.conf, Apache sees and is reading the .htaccess because I get a 500 Error when I put garbage text in the file. I'm lost now.
As many developers probably do, I have a Windows based machine on which I run XAMPP locally to test my code and a Linux machine with Fedora as my remote server.As I sometimes use .htaccess as a way to authenticate some parts of the website, I end up having two .htaccess files: one with the local path (something line D:My_Webs) and one with my remote path (something like /var/www/html/) to the password file.I have searched high and low, but I cannot seem to find any trick so that I only have to maintain one version of the .htaccess file which can work on both Linux and on Windows machines.
