Solved

How to hide .htaccess file?

Posted on 1999-01-21
4
614 Views
Last Modified: 2008-03-17
How to hide .htaccess file of Apache server? What about using symbolic links pointing to a protected directory while the .htaccess would have been a link pointing to a password protected directory.

What would happen if the permission for .htaccess is set to 600. Can Apache running as "nobody" user read it at the same while the others can not access it via web.
 
Thank you.
 
0
Comment
Question by:elvaaa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 2

Expert Comment

by:jprohart
ID: 1639223
from www.apache.org:

IndexIgnore

Syntax: IndexIgnore file file ...
Context: server config, virtual host, directory, .htaccess
Override: Indexes
Status: Base
Module: mod_autoindex

The IndexIgnore directive adds to the list of files to hide when listing a directory. File is a file extension, partial filename, wildcard expression or full filename for files to ignore. Multiple
IndexIgnore directives add to the list, rather than the replacing the list of ignored files. By default, the list contains `.'. Example:

     IndexIgnore README .htaccess *~
0
 

Author Comment

by:elvaaa
ID: 1639224
jprohart! I am sorry to reject your answer but this is not what I meant.
 
"The IndexIgnore directive adds to the list of files to hide when listing a directory" ONLY when listing. The directory where this .htaccess file exist is never being listed because there is a index.html file. Also I have not root permission to access the srm.conf or httpd.conf files.

What I mentioned is hiding the .htaccess via a symblic link. So insted of .htaccess real file the ".htaccess" is a link that points the httpd to a another directory which can be read locally by httpd daemon and if the visitor tries to access this directory that would be impossible because I have another .htaccess file on that directory requring from the user an authorization.

Is it possible? If yes tell HOW?
 
Thank You,
 
0
 

Author Comment

by:elvaaa
ID: 1639225
Correction: "Also I have not root permission to access the srm.conf or httpd.conf files." should be: "Also I have not root permission to write[read access is granted since the httpd runs as *nobody*] the srm.conf or httpd.conf files."
thanks,
0
 
LVL 7

Accepted Solution

by:
jconde earned 30 total points
ID: 1639226
As far as I know, you can't "hide" .htaccess form the httpd.  What you can do (Which is pretty simple although time consuming) is to recompile apache, but before doing so, modify the C file where it points to .htaccess  (It should be an include fine .H)

If you need help doing so, please get in touch with me.

Regards,

Jorge del Conde
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Suggested Courses

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question