Scott Silva wrote:
ankush grover spake the following on 2/10/2007 2:11 AM:
hi friends,
I have configured a HelpDesk Ticketing System on Centos4.4. The
problem I am facing is that there is a file called "site.xml" which
contains the information about database connections and I don't want
ppl to be able to read that file through browser. As per the
readme.htm of that software if the below entries will be put in
.htaccess then nobody can read the xml through browser.
<Files ~ ".xml">
Order allow,deny
Deny from all
Satisfy All
</Files>
Even though the above entries are there in .htaccess still I am able
to read "site.xml" file. How do I prevent the reading of this file ?
HelpDesk Ticketing Software is under /var/www/html/request and
.htaccess is also under /var/www/html/request.
Please let me know if you need any further information.
Did you try to chown to root:root and chmod to 600?
That should keep apache from reading the file.
Since it is a web application, that would also keep the application from
reading its own configuration file...
Putting the restriction in a conf file in /etc/httpd/conf.c is the
cleanest way to handle this.
--
Les Mikesell
lesmikesell@xxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
