Hi, i'm using the default cache manager in my application ini as outlined in
the documentation, which i believe uses Capture for it's frontend and Static
for the back end. Here is the relevant parts from application.ini :
resources.cachemanager.page.backend.options.public_dir = APPLICATION_PATH
"/../httpdocs/cached"
resources.cachemanager.pagetag.backend.options.cache_dir =
APPLICATION_PATH
"/../data/cache/tags"
resources.frontController.params.disableOutputBuffering = true
I have also added the following to my .htaccess:
# Serve cached pages if they exist
RewriteCond %{REQUEST_METHOD} GET
RewriteCond %{DOCUMENT_ROOT}/cached/index.html -f
RewriteRule ^/*$ cached/index.html [L]
# Hit files, symlinks and directories directly, if they exist.
RewriteCond %{REQUEST_METHOD} GET
RewriteCond %{DOCUMENT_ROOT}/cached/%{REQUEST_URI}\.html -f
RewriteRule .* cached/%{REQUEST_URI}\.html [L]
My question is, since the cached directory is public, is there any way i can
protect it? Some of the pages i am caching are from the password restricted
admin side of the site, where gathering information can take several
seconds, yet won't change that often. Yet the output of this is can be
viewed by typing in domain.com/cached/admin-only-page.html. Is there
something i can add that will protect this directory from manual peeking?
Alternatively, is it possible to cache and serve the pages from a non-public
directory?
--
View this message in context:
http://zend-framework-community.634137.n4.nabble.com/CacheManager-resource-for-static-page-caching-protect-cache-tp3519952p3519952.html
Sent from the Zend Framework mailing list archive at Nabble.com.
--
List: [email protected]
Info: http://framework.zend.com/archives
Unsubscribe: [email protected]
