|
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
![]() |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
|
#1
|
|||
|
|||
|
Hi,
Can anyone give me an example of an .htaccess file which forces a username/password to be supplied for access to a single file of many in a directory. Also, I want to edit my httpd.conf file to block web browsers displaying the contents of any file with an extension of .inc. I've included this in my httpd.conf file: <Files .inc> order allow,deny deny from all </Files> ...but it doesn't work. What am I missing? Thanks, Ross. |
|
#2
|
|||
|
|||
|
>>for access to a single file of many in a directory
What do you mean? Are you trying to say you wanted to protect only /foo/bar.html but not the other files in /foo directory? ######################## <Files ~ "^.inc"> Order allow,deny Deny from all </Files> |
|
#3
|
|||
|
|||
|
Hi freebsd,
Thanks for your reply. I tried the example you gave, but it didn't work until we modified it to: <Files *.inc> Order allow,deny Deny from all </Files> and this works great. So thanks for heading us in the right direction. Regarding the first part of my original posting - you are right in your assumption as to what I'm trying to achieve. Let me clarify further: Let's suppose I have a directory /test/, and in test I have 3 files a.html, b.html, and c.html. Want I want to do is create an .htaccess file which specifically requires a username and password for access to, for example, a.html. The other 2 files can be accessed through a web browser without restriction. I use .htaccess and .htpasswd files already to block access to complete directories, but can't quite work out the syntax for restricting access to named files only in a directory. I should add that I've searched the web for decent .htaccess tutorials or help, but they vary in quality, none seem to be comprehensive (with a limited number of examples), and none explicitly answer my question. Thanks again. |
|
#4
|
|||
|
|||
|
1) Put your .htpasswd above your root so visitors can't access it
#/html/username/.htpasswd put username and encryped password of your members 2) It doesn't matter how many files under how many directories you wanted to protect as they can share a common .htpasswd file #/html/username/public_html/test/.htaccess <FilesMatch "a.html"> AuthName "Member Only" AuthType Basic AuthUserFile /html/username/.htpasswd require valid-user </FilesMatch> #/html/username/public_html/test/a.html is protected #/html/username/public_html/test/b.html and all others are NOT protected 3) /html/username/public_html/foo/.htaccess <FilesMatch "bar.html"> AuthName "Member Only" AuthType Basic AuthUserFile /html/username/.htpasswd require valid-user </FilesMatch> #/html/username/public_html/foo/bar.html is protected with the same .htpasswd in /html/username/ #/html/username/public_html/foo/others.html is NOT protected ############################################ The following will not work: 1)/html/username/public_html/test/a.html is a symlink of /html/username/private/a.html which /html/username/private/ has an .htaccess pointing to /html/username/.htpasswd 2) Include a.html with a file under a protected directory will not work as well. |
![]() |
| Viewing: Dev Shed Forums > System Administration > Security and Cryptography > .htaccess code to password protect 1 file |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
|
|