[PHP] Really simple question - /php directory above /web tree .htaccess contents

[news.php.net]

Greetings,

I am using php on a Sun Cobalt Linux
server with many virtual hosts.
I want to have the /php directory
one directory above the /web root
so it is not accessible from browser command line execution but
will execute from a click on an
html page.  CGI-PHP is installed
but I need to know the .htaccess
contents for the /cgi/php directory
If that is not possible...

and I put the /php directory under
the /web root; would have to protect
it from browser command line execution
with a .htaccess file.
I would appreciate help with either of
the .htaccess contents that are required.
This question I think is very simple for
some of the more experienced php users
and I can't find the answer in any
documentation.
Thanks very much for any help.
Gerald Howse
###
m2 mail - http://www.opera.com/m2/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] Really simple question - /php directory above /web tree .htaccess contents

[Ernest E Vogelsinger]

At 17:58 08.03.2003, news.php.net said:
[snip]
I want to have the /php directory
one directory above the /web root
so it is not accessible from browser command line execution but
will execute from a click on an
html page.  CGI-PHP is installed
but I need to know the .htaccess
contents for the /cgi/php directory

Of course this is possible. You just cannot directly run any PHP script by
URL if it's located outside the web root, but you could easily use stub
files running that part of the application you wish to use.

I assume you have some libraries that you'd like to include in your stub files:

-- stub.php
?php
require_once('../php/library1.php');
?

So there's no real need for an .htaccess-based blocker.

However here's what you need in .htaccess )line numbers only for
explanation below):

1 AuthName The name of your realm
2 AuthType Basic
3 AuthUserFile /etc/httpd/.htpasswd
4 AuthGroupFile /etc/httpd/.htgroup
5 Require group authorized_users
6 Order deny,allow
7 Deny from all
8 Allow from 10.10.10.0/24
9 Allow from ##.##.##.##
10 Satisfy any

Explanation:
1 - This is the text that will appear on the authentication dialog at the
clients side.
2 - There are others (like NTLM) but I don't have any experience using
them. Take care that Basic doesn't provide any encryption of transmitted
UserID/Passwords; it just Base64-encodes it.
3 - Where the password file is located. It may be anywhere, even outside
the web root, as long as it is readable by Apache. You create and maintain
the .htpasswd file using the htpasswd command line utility.
4 - Optional; contains user groups. Maintained by text editor. Format:
group: user user user
group: user user user
5 - Names of user groups that may access the ddirectory. You may as well use
Require user user-id user-id
if you don't support groups.
6 - Order of ACL check (http://httpd.apache.org/docs/mod/mod_access.html#order)
7 - Deny all hosts and users (checked first, see 6)
8 - Allow from the internal network (example, not required)
9 - Allow from any other IP or subnet (example, not required)
10 - http://httpd.apache.org/docs/mod/core.html#satisfy
Allow access if _any_ of the above restrictions is met. If you specify
   Satisfy all
the above example would never allow access since no host can be on 
different addresses...

Note that AllowOverride AuthConfig must be set in the server or virtual
host definition if authentication is to be used via .htaccess.

The authentication directives can be used in the server config at the
Directory level, or in the .htaccess file.

Formore info on Apache directives read
http://httpd.apache.org/docs/mod/directives.html.

HTH,

-- 
   O Ernest E. Vogelsinger
   (\)ICQ #13394035
^ http://www.vogelsinger.at/



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php