Solved

How to hide .htaccess file?

Posted on 1999-01-21
4
591 Views
Last Modified: 2008-03-17
How to hide .htaccess file of Apache server? What about using symbolic links pointing to a protected directory while the .htaccess would have been a link pointing to a password protected directory.

What would happen if the permission for .htaccess is set to 600. Can Apache running as "nobody" user read it at the same while the others can not access it via web.
 
Thank you.
 
0
Comment
Question by:elvaaa
  • 2
4 Comments
 
LVL 2

Expert Comment

by:jprohart
ID: 1639223
from www.apache.org:

IndexIgnore

Syntax: IndexIgnore file file ...
Context: server config, virtual host, directory, .htaccess
Override: Indexes
Status: Base
Module: mod_autoindex

The IndexIgnore directive adds to the list of files to hide when listing a directory. File is a file extension, partial filename, wildcard expression or full filename for files to ignore. Multiple
IndexIgnore directives add to the list, rather than the replacing the list of ignored files. By default, the list contains `.'. Example:

     IndexIgnore README .htaccess *~
0
 

Author Comment

by:elvaaa
ID: 1639224
jprohart! I am sorry to reject your answer but this is not what I meant.
 
"The IndexIgnore directive adds to the list of files to hide when listing a directory" ONLY when listing. The directory where this .htaccess file exist is never being listed because there is a index.html file. Also I have not root permission to access the srm.conf or httpd.conf files.

What I mentioned is hiding the .htaccess via a symblic link. So insted of .htaccess real file the ".htaccess" is a link that points the httpd to a another directory which can be read locally by httpd daemon and if the visitor tries to access this directory that would be impossible because I have another .htaccess file on that directory requring from the user an authorization.

Is it possible? If yes tell HOW?
 
Thank You,
 
0
 

Author Comment

by:elvaaa
ID: 1639225
Correction: "Also I have not root permission to access the srm.conf or httpd.conf files." should be: "Also I have not root permission to write[read access is granted since the httpd runs as *nobody*] the srm.conf or httpd.conf files."
thanks,
0
 
LVL 7

Accepted Solution

by:
jconde earned 30 total points
ID: 1639226
As far as I know, you can't "hide" .htaccess form the httpd.  What you can do (Which is pretty simple although time consuming) is to recompile apache, but before doing so, modify the C file where it points to .htaccess  (It should be an include fine .H)

If you need help doing so, please get in touch with me.

Regards,

Jorge del Conde
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This is the error message I got (CODE) Error caused by incompatible libmp3lame 3.98-2 with ffmpeg I've googled this error message and found out sometimes it attaches this note "can be treated with downgrade libmp3lame to version 3.97 or 3.98" …
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question