Re: Restrict access to folders SOLVED

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Israel, that was my question exactly. I should be able to get one of these methods to work. Thank you.

Bruce

--- On Mon 03/19, Israel Brewster < israel@xxxxxxxxxxxxxxxxxx > wrote:

If I read the question right, what you are missing is what happens if someone currently at www.myDomainName.com/PersonalSite decides to delete the /PersonalSite part of the URL, leaving them at www.myDomainName.com/ At that point (given no index.html file at root level and indexing enabled) they would be able to see both the PersonalSite and the ProfessionalSite directories, and navigate to either one. This also assumes that the physical directory structure of the site is set up with a root level folder containing both the PersonalSite folder and ProfessionalSite folder. As this is a lot of assumptions, I suspect that one or more would not hold up for any given site (for example, I would think most sites would have an index.html at root), and as such, there may not be an issue.  However, if I am wrong, and assuming my understanding of the issue is correct, then I see a number of possibilities to restrict this behavior:

1) Place an index.html file at the root level of the server that does not contain links to ProfessionalSite and/or PersonalSite

2) Restrict access to the root level entirely using a Deny from ALL directive, which is then over-ridden in your ProfesionalSite and PersonalSite directories using an Allow from ALL directive (I think that would work)

3) Place your PersonalSite and ProfesionalSite directories outside of the webserver root directory, and use Alias directives to point /PersonalSite and /ProfessionalSite to them. That way even if you can list the root level directory, neither site will show up

Those, at least, are what I can think of off the top of my head. There may be other/better options, depending on your site layout, requirements, and other stuff about Apache I don't now.

_______________________________________________
No banners. No pop-ups. No kidding.
Make My Way  your home on the Web - http://www.myway.com



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux