Solved

How to hide .htaccess file?

Posted on 1999-01-21
4
607 Views
Last Modified: 2008-03-17
How to hide .htaccess file of Apache server? What about using symbolic links pointing to a protected directory while the .htaccess would have been a link pointing to a password protected directory.

What would happen if the permission for .htaccess is set to 600. Can Apache running as "nobody" user read it at the same while the others can not access it via web.
 
Thank you.
 
0
Comment
Question by:elvaaa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 2

Expert Comment

by:jprohart
ID: 1639223
from www.apache.org:

IndexIgnore

Syntax: IndexIgnore file file ...
Context: server config, virtual host, directory, .htaccess
Override: Indexes
Status: Base
Module: mod_autoindex

The IndexIgnore directive adds to the list of files to hide when listing a directory. File is a file extension, partial filename, wildcard expression or full filename for files to ignore. Multiple
IndexIgnore directives add to the list, rather than the replacing the list of ignored files. By default, the list contains `.'. Example:

     IndexIgnore README .htaccess *~
0
 

Author Comment

by:elvaaa
ID: 1639224
jprohart! I am sorry to reject your answer but this is not what I meant.
 
"The IndexIgnore directive adds to the list of files to hide when listing a directory" ONLY when listing. The directory where this .htaccess file exist is never being listed because there is a index.html file. Also I have not root permission to access the srm.conf or httpd.conf files.

What I mentioned is hiding the .htaccess via a symblic link. So insted of .htaccess real file the ".htaccess" is a link that points the httpd to a another directory which can be read locally by httpd daemon and if the visitor tries to access this directory that would be impossible because I have another .htaccess file on that directory requring from the user an authorization.

Is it possible? If yes tell HOW?
 
Thank You,
 
0
 

Author Comment

by:elvaaa
ID: 1639225
Correction: "Also I have not root permission to access the srm.conf or httpd.conf files." should be: "Also I have not root permission to write[read access is granted since the httpd runs as *nobody*] the srm.conf or httpd.conf files."
thanks,
0
 
LVL 7

Accepted Solution

by:
jconde earned 30 total points
ID: 1639226
As far as I know, you can't "hide" .htaccess form the httpd.  What you can do (Which is pretty simple although time consuming) is to recompile apache, but before doing so, modify the C file where it points to .htaccess  (It should be an include fine .H)

If you need help doing so, please get in touch with me.

Regards,

Jorge del Conde
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Over the last ten+ years I have seen Linux configuration tools come and go. In the early days there was the tried-and-true, all-powerful linuxconf that many thought would remain the one and only Linux configuration tool until the end of times. Well,…
Fine Tune your automatic Updates for Ubuntu / Debian
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Suggested Courses

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question