glerma
Posts: 56
|
| Posted: 06/25/2004, 6:22 AM |
|
Any Apache gurus out there?
I'm developing with PHP and templates in CCS.
I was wondering if anyone has been able to setup Apache 2.0.x to deny viewing of the .html files that get generated by CCS. I only want people to be able to see the .php files generated.
In particular, I want to be able to use the <Directory> directive, not using .htaccess files.
I saw one article about this here:
http://forums.codecharge.com/posts.php?post_id=17769&s_...cess+html+files
But it does not go into detail on how to do this, and the method requires using the .htaccess files, which I do not want to use (do to possible performance hits on my www server.
Thanks in advance,
G.
|
 |
 |
glerma
Posts: 56
|
| Posted: 06/25/2004, 7:03 AM |
|
OK. I found the info out for myself.
In the interest of sharing, here is an example configuration directive on how to restrict access to your *.html files generated by CCS, using Apache 2.0.x.
The key to this is putting the <FilesMatch> directive within your <Directory> directive.
EXAMPLE httpd.conf file
--------------------------------------------------------------------------------------------
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/somefolder/www/htdocs/">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#options
# for more information.
#
Options FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#options
# for more information.
#
Options FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
Order deny,allow
Allow from all
#
# Deny any request for *.html and *.htm
#
<FilesMatch \.(?i:html|htm)$>
Order allow,deny
Deny from all
</FilesMatch>
</Directory>
--------------------------------------------------------------------------------------------
The <FilesMatch> directive will do a case-insensitive check for any .html or .htm file and deny everyone from viewing it. It will still allow any other file. You can add more file extentions to this.
Regards,
G.
|
|
|
|
crecalde
Posts: 13
|
| Posted: 06/30/2004, 5:59 PM |
|
Glerma:
Thanks. I found this very helpful, and appreciate that you came back with your own answer, yet still thought to enlighten the rest of us.
C.
|
|
|
|
|
