Solved

Use apache to limit access to javascript files?

Posted on 2002-04-26
7
163 Views
Last Modified: 2010-03-04
Hello

I'm trying to limit access to a javascript file.
Maybe it can't be done, but I thought I'd ask.

Thanks

v
0
Comment
Question by:vlg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 15

Expert Comment

by:samri
ID: 6974949
Perhaps you could use Location or LocationMatch directive;

<Location /*exe>
 Deny from all
</Location>

Apache documentation come with quite a great example on Location/LocationMatch directives.

http://httpd.apache.org/docs-2.0/mod/core.html#location

http://httpd.apache.org/docs-2.0/mod/core.html#locationmatch
0
 

Author Comment

by:vlg
ID: 6977742
samri -

Thanks for the links.  I read the docs.

When you say, "Perhaps..." does that mean you haven't tried this?

v
0
 
LVL 15

Accepted Solution

by:
samri earned 50 total points
ID: 6977794
V,

I did try it before posting the comment.  The fact that I cannot be 100% sure is that I tried to limit *.exe on my Win32 Apache 1.3.24.

I rather be realistic than optimistic.  In most cases it should (gee.. It must work), but there might be possibilities that it might not work.  For example, I have test if the *.js file is within the INCLUDE tag for example.  Mind the terminology, I'm pretty much naive in web technology.

I would presume that you ought to try it on the development platform.  do not have one - the trick is, you can have muptiple apache running on one machine, but make sure the are not fighting over port 80/TCP, use different port for the test apache, and get it installed, lets say in /usr/local/apache-test.

Please, I would be excited to know on whether it works for your particular case.

cheers.
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:vlg
ID: 6978351
Well, it didn't really work.
It stopped me from getting to the javascript file, but it stopped my webpage from getting it, too. :(
Well - if you can think of a way to allow only my web apge to get the javascript file, let me know.
Thanks
v
0
 
LVL 15

Expert Comment

by:samri
ID: 6979209
vlg,

could you post the exact <Location> directive That you use?
0
 

Author Comment

by:vlg
ID: 6980983
Hello samri

Thanks for helping me after the points have been awarded - lots of people wouldn't do that.
If this isn't a simple fix, I'll give you some more points for your help.
Anyways, the Location directive didn't stop anything, so I used LocationMatch:

This killed everything:

<LocationMatch /*js>
Deny from all
</LocationMatch>

I've been experimenting with this:

<LocationMatch /*js>
Order allow, deny
allow from 127.0.0.1
Deny from all
</LocationMatch>

but it's not working.

Thanks

v
0
 

Author Comment

by:vlg
ID: 6981449
ps - when I say "it's not working" I mean, it's still disallowing all requests for the javascript file, even from the web page.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you've heard about htaccess and it sounds like it does what you want, but you're not sure how it works... well, you're in the right place. Read on. Some Basics #1. It's a file and its filename is .htaccess (yes, with a dot in the front). #…
It is possible to boost certain documents at query time in Solr. Query time boosting can be a powerful resource for finding the most relevant and "best" content. Of course the more information you index, the more fields you will be able to use for y…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question