Hi,
.htaccess works fine for outside access .. do you know how to secure it
from the inside also ?
Local users can read the "secure" (.htaccess) directory files with "vi"
or just copy them to their home directory and then view it with
netscape.
My home is /home/me rwx --- ---
My secure web page is /home/me/public_html/secure rwx r-- r--
now if one does "ls /home/me" it will not work, permission denied
but "ls /home/me/public_html/secure" is fully available, so is
"cp /home/me/public_html/secure/* /home/curiosuser"
I sure they are some solutions to that, will be happy to know them 8-)
.. and also think everybody should be aware of that weakness, just in
case some did not know.
thanks,
alain
Tim Howell wrote:
>
> Hey Patrick,
>
> You can use .htaccess files to protect the areas of the site you don't
> want the world at large to see. Check out how this can be done at
> builder.com:
>
> http://www.builder.com/Authoring/Stupid/ss01.html
>
> Tim
>
> On Thu, 7 Oct 1999, Patrick Putteman wrote:
>
> > Hello All,
> >
> > Got another question:
> >
> > I use my linuxbox at the office for monitoring and accounting of the
>bandwith/uptime of our servers, with automatic generation of HTML pages (mrtg and
>netsaint are 2 of the apps I use). Of course, this info is kind of confidential and
>therefor I would like to have to enter a password upon entering the confidential
>parts of the server.
> > How do I configure Apache so that it asks a password upon browsing to certain
>files/dirs?
> > I had a look at the apache docs, but they're not entirely clear on this.
> >
> > Thx,
> >
> > Patrick Putteman
> > Internet Support Manager
> > Net7 - Member of the Advalvas Group
> >
