On 8/7/06, Morgan Gangwere <0.fractalus@xxxxxxxxx> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday 06 August 2006 22:51, Joshua Slive wrote: > On 8/6/06, Ikke Snoeckx <sebastiaan.snoeckx@xxxxxxxxxx> wrote: > > Hello > > > > I have two (simple) questions: > > > > 1. A RewriteRule: > > Basically, consider this: www.example.com/foo.bar ... Now, I want that > > to be also accessible by this: www.example.com/foo (so, actually, it is > > just the file name, but without the .bar extension) ... > > RewriteEngine On > RewriteRule ^/foo /foo.bar > > Use the RewriteLog to debug. > > > 2. Access and authorisation: > > I have two folders (lets call them 'foo' and 'bar') were I put some > > things in that should not be downloaded or viewed, however must be > > included in my website. > > Basically, the only way to get access to the content being in those two > > folder is through the normal Apache GET process, and with the right > > referer (e.g. www.example.com, and *no* other, even an empty referer > > won't give you access)... > > I said _basically_, because I know that there are tools to fake headers > > and such, but this is only to keep the majority of the visitors out of > > it. Additionally: I have my Javascript and some CSS Files (.js and .css) > > in it also, however those may be downloaded and viewed (*unless* the > > referer is *not* www.example.com *or empty*) at will... > > The "Prevent Image Theft" example here is close: > http://httpd.apache.org/docs/2.2/env.html#examples > > > Additionally: How can I setup Password Authorisation for the foo and bar > > folders (so no simple 403 error but 401)? > > See: > http://httpd.apache.org/docs/2.2/howto/auth.html > > Incidentally, you should ignore Morgan's advice about the .htaccess > file. It is not necessary.
Why ignore the .htaccess file? thats what I have been using for (oh, i dont Know, about) 8 years? thats about right. and SymLinking works fine too. thats how I have been doing things for a long time. please, explain why to ignore the .htaccess file..
Because it is not necessary, adds extra complication to the configuration, and makes the server slower. In general, .htaccess files should only be used when the person trying to change the configuration doesn't have access to httpd.conf. (I didn't say it wouldn't work, only that it shouldn't be used in general.) Symlinks will work fine in many cases. But you need to be a little careful because many parts of the meta-info configuration key off of extensions, and these could be broken. (In addition, the original poster asked specifically for a mod_rewrite solution.) Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|