#1
  1. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2000
    Posts
    4
    Rep Power
    0

    .htaccess + file upload


    I use an apache webserver, and
    I want to protect some folders of my website with .htaccess.

    Everybody should have acces to the folder for reading, but when somebody wants to write something to the folder (upload), he should autorize himself.

    Can i do this with .htaccess protection? As far as i understand you can only protect a folder completely.

    grtz,
    André
  2. #2
  3. Full Access
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Jun 2000
    Location
    London, UK
    Posts
    2,019
    Rep Power
    16
    but when somebody wants to write something to the folder (upload), he should autorize himself.
    People can't write things to folders on your web server unless (a) they log in to the server via SSH or something (b) you have written a CGI to do this, and even then the directory permissions have to be changed or (c) you've enabled the PUT HTTP method

    (a) is not really a concern as it can't be done via the web server - .htaccess will not help you here.

    For (b) you can put the CGI script that does the uploading in a .htaccess protected directory - this will mean that people are required to authenticate before accessing the upload script

    For (c), you're in a world of trouble...
    Alex
    (http://www.alex-greg.com)

IMN logo majestic logo threadwatch logo seochat tools logo