Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations biv343 on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Unable to restrict access

Status
Not open for further replies.
Rushtafari

Rushtafari

Instructor
Feb 27, 2004
4
US
I am administering a Web server that has about ten individual user accounts. I would like to create a directory in each of their public_html directory called "restricted." Any material inside that directory should be unviewable from anyone trying to access them. (Once I get that working I will consider slight modifications per my specific needs.)

Now, this is a common question and I found lots of help, but nothing seems to actually work.

The first thing I tried was to use the httpd.conf file to do the job. But that was somewhat confusing. (If someone can tell me how to do it, I would appreciate it because I would rather use this approach.)

I then tried using an .htaccess file. So in one of the public_html directories I performed the following commands:

$ mkdir restricted
$ chmod restricted
$ cd restricted
$ vi .htaccess

I then inserted the following text into .htaccess.

<LIMIT GET POST>
order deny, allow
deny from all
allow from none
</LIMIT>

I then changed the permissions:

$ chmod 644 .htaccess.

That didn't work. I can still view documents placed inside this directory.

So I figured that there must be something in httpd.conf that is overriding my .htaccess commmands. I found some items that looked like the culprit, so I made the following change:

AllowOverride All

I figure this allows my deny and allow commands in .htaccess to be executed.

So I restarted Apache and, again, the Web page keeps appearing.

So what am I forgetting? Anyone?
 
Sort by date Sort by votes
Create an .htaccess with the contents below. Place this in the directory you want to protect.
Code: 
Order Allow,Deny
Deny From All

Anyone trying to access anything from that directory will see

Forbidden
You don't have permission to access /path/to/directory on this server.

M. Brooks
X Concepts LLC
 
Upvote 0 Downvote
Did you try what i put up.. It works..

Just put this in the .htaccess file and no more..

Not this:

<LIMIT GET POST>
order deny, allow
deny from all
allow from none
</LIMIT>

Do this:
Code: 
Order Allow,Deny
Deny From All

M. Brooks
X Concepts LLC
 
Upvote 0 Downvote
I did, and it still doesn't work.

Here are some command captures that should indicate if I am doing anything wrong.

$ pwd
/home/jwalkup/public_html/restricted
$ ls -l .htaccess
-rw-r--r-- 1 jwalkup fac 32 Feb 29 12:15 .htaccess
$ more .htaccess
Order Allow, Deny
Deny From All

Now, you can go to this page for yourself:


The file "oma.html" will almost certainly appear. It does on my machine.

It can't be a caching problem, because oma.html is a file I just uploaded before doing this test. I also viewed it in IE (which I almost never use) and it showed up.

Any ideas? This is really buggin' me, man!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

donald lepariku
  • Locked
  • Question
Error: 694, Severity: 24, State: 10 An attempt was made to read logical page '153', virtpage '616' f 1
Replies
3
Views
404
spamjim
spamjim
waydown
  • Locked
  • Question
Unable to connect to server
Replies
4
Views
255
RhythmAce
RhythmAce
kasperelectronics
  • Locked
  • Question
Desktop streaming from a server to low power front end device e.g. RasPi
Replies
0
Views
191
kasperelectronics
kasperelectronics
Edwin Reyes
  • Locked
  • Question
High CPU utilization Linux Server due to mysql
Replies
1
Views
261
spamjim
spamjim
bazil2
  • Locked
  • Question
Unable to mount Windows share due to error: can't read superblock - any ideas?
Replies
1
Views
412
RhythmAce
RhythmAce

Part and Inventory Search

Sponsor

Back
Top