Solved

How to hide .htaccess file?

Posted on 1999-01-21
4
599 Views
Last Modified: 2008-03-17
How to hide .htaccess file of Apache server? What about using symbolic links pointing to a protected directory while the .htaccess would have been a link pointing to a password protected directory.

What would happen if the permission for .htaccess is set to 600. Can Apache running as "nobody" user read it at the same while the others can not access it via web.
 
Thank you.
 
0
Comment
Question by:elvaaa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 2

Expert Comment

by:jprohart
ID: 1639223
from www.apache.org:

IndexIgnore

Syntax: IndexIgnore file file ...
Context: server config, virtual host, directory, .htaccess
Override: Indexes
Status: Base
Module: mod_autoindex

The IndexIgnore directive adds to the list of files to hide when listing a directory. File is a file extension, partial filename, wildcard expression or full filename for files to ignore. Multiple
IndexIgnore directives add to the list, rather than the replacing the list of ignored files. By default, the list contains `.'. Example:

     IndexIgnore README .htaccess *~
0
 

Author Comment

by:elvaaa
ID: 1639224
jprohart! I am sorry to reject your answer but this is not what I meant.
 
"The IndexIgnore directive adds to the list of files to hide when listing a directory" ONLY when listing. The directory where this .htaccess file exist is never being listed because there is a index.html file. Also I have not root permission to access the srm.conf or httpd.conf files.

What I mentioned is hiding the .htaccess via a symblic link. So insted of .htaccess real file the ".htaccess" is a link that points the httpd to a another directory which can be read locally by httpd daemon and if the visitor tries to access this directory that would be impossible because I have another .htaccess file on that directory requring from the user an authorization.

Is it possible? If yes tell HOW?
 
Thank You,
 
0
 

Author Comment

by:elvaaa
ID: 1639225
Correction: "Also I have not root permission to access the srm.conf or httpd.conf files." should be: "Also I have not root permission to write[read access is granted since the httpd runs as *nobody*] the srm.conf or httpd.conf files."
thanks,
0
 
LVL 7

Accepted Solution

by:
jconde earned 30 total points
ID: 1639226
As far as I know, you can't "hide" .htaccess form the httpd.  What you can do (Which is pretty simple although time consuming) is to recompile apache, but before doing so, modify the C file where it points to .htaccess  (It should be an include fine .H)

If you need help doing so, please get in touch with me.

Regards,

Jorge del Conde
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question