File permissions security questions
Posted on 2004-08-03
I am planning to set up a spider trap that will automatically add all bad robots IPs to my .htaccess file. The problem is that in order to achieve that, I will need to make my .htaccess file word-writable (together with another directory which will usually stay empty). Naturally, I don't feel comfortable with that. The .htaccess file is made non-readable for web browsers via httpd.conf (deny from all), but I assume it would still be an unsafe arrangement. Any ideas how I can make it safer without recompiling apache?