The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.
Course Of The Month
4 days, 9 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Is it wise (&feasible) for me to use .htaccess file for my application??
Posted on 2004-08-30
Hi Mr. Hoffman and Mr. Samri,
How u doin? Well i want to clarify that is it wise and feasible to write .htaccess file for my application which will be live24/7 to thousands of users. Actually if you remember i have been constantly taking your and Samri's able guidance for hosting my application live. Still to refresh your memory i posted my query at (http://www.experts-exchange.com/Web/Web_Servers/Apache/Q_21100303.html). I have almost implemented all the things which you guys suggested. My envt is RHL 9.0/ Apache2.0 with mod_mono/ Mono 1.0. The users will be accessing some other directories too in the main application directory. e.g if i have placed the application directory "apps" as under /var/www/html/apps, now in this apps directory i have some other directories which the users will be needing to retrieve some data for thier use. Should i check for the authentication at that level tool? All I want is that only valid users may have access to that data. Although at the first entry point the .NET applcation asks for the authentication of the valid user but i was still wondering from my, i mean Apache's point of view. I dont know whether this is a valid question or not and i think you are in a better position to guide me. So from that point of view what do you suggest? I would really appreciate if you could guide me step by step...
Thanks in advance
Regards!!
How u doin? Well i want to clarify that is it wise and feasible to write .htaccess file for my application which will be live24/7 to thousands of users. Actually if you remember i have been constantly taking your and Samri's able guidance for hosting my application live. Still to refresh your memory i posted my query at (http://www.experts-exchange.com/Web/Web_Servers/Apache/Q_21100303.html). I have almost implemented all the things which you guys suggested. My envt is RHL 9.0/ Apache2.0 with mod_mono/ Mono 1.0. The users will be accessing some other directories too in the main application directory. e.g if i have placed the application directory "apps" as under /var/www/html/apps, now in this apps directory i have some other directories which the users will be needing to retrieve some data for thier use. Should i check for the authentication at that level tool? All I want is that only valid users may have access to that data. Although at the first entry point the .NET applcation asks for the authentication of the valid user but i was still wondering from my, i mean Apache's point of view. I dont know whether this is a valid question or not and i think you are in a better position to guide me. So from that point of view what do you suggest? I would really appreciate if you could guide me step by step...
Thanks in advance
Regards!!
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
4-
4
-
2
10 Comments
hi parvinderg,
i am almost off to bed.
Regarding validity -- yes, as long as your question has "apache" word in it. :)
So we are looking at the following directory tree:
/var/www/html
/var/www/html/apps
/var/www/html/otherstuff
...
and quick answer, YES, you could use .htaccess to protect the stuff in any folder. But first, jump to the usual :
http://httpd.apache.org/docs-2.0/howto/auth.html on protection and stuff.
http://httpd.apache.org/docs-2.0/howto/htaccess.html on more info on .htaccess
Most of the information is pretty much laid down by the Apache team there.
Basically, once you had protected the a directory (either in .htaccess in that folder, or in <Directory>.. tag in server config), the ACL is pretty much inherited to the folder underneath. As for your directory tree-- if you had protected /var/www/html/apps, andything /var/www/html/apps/apps1, /var/www/html/apps/apps2, /var/www/html/apps/apps3 etc. would be protected. Any access to any resource within that directory tree would be greeted with a password pop-up box.
Hope this could give you a kick start.
i am almost off to bed.
Regarding validity -- yes, as long as your question has "apache" word in it. :)
So we are looking at the following directory tree:
/var/www/html
/var/www/html/apps
/var/www/html/otherstuff
...
and quick answer, YES, you could use .htaccess to protect the stuff in any folder. But first, jump to the usual :
http://httpd.apache.org/docs-2.0/howto/auth.html on protection and stuff.
http://httpd.apache.org/docs-2.0/howto/htaccess.html on more info on .htaccess
Most of the information is pretty much laid down by the Apache team there.
Basically, once you had protected the a directory (either in .htaccess in that folder, or in <Directory>.. tag in server config), the ACL is pretty much inherited to the folder underneath. As for your directory tree-- if you had protected /var/www/html/apps, andything /var/www/html/apps/apps1, /var/www/html/apps/apps2, /var/www/html/apps/apps3 etc. would be protected. Any access to any resource within that directory tree would be greeted with a password pop-up box.
Hope this could give you a kick start.
Addition: You may take a look at Apache FAQ at http://httpd.apache.org/docs/misc/FAQ.html
Specif section : "G. Authentication and Access Restrictions"
cheers.
Specif section : "G. Authentication and Access Restrictions"
cheers.
Thx Samri....I will just implement all these things and let u know..I m in US...btw where dya live?
Regards
Regards
If you don't like the .htaccess files in all over the place, you can use ONE file to crontrol
the login access. (eg: access.conf, or what evername you want to called it).
Just make sure that you httpd.conf has something looks like:
AccessConfig /etc/apache/access.conf
the login access. (eg: access.conf, or what evername you want to called it).
Just make sure that you httpd.conf has something looks like:
AccessConfig /etc/apache/access.conf
also have a look at:
http://www.itlab.musc.edu/mySiteMaker/LOGGING-HOWTO.html
"<Limit GET POST>
require valid-user
</Limit>"
apply to the access.conf, so you can control the user login for the dir.
http://www.itlab.musc.edu/mySiteMaker/LOGGING-HOWTO.html
"<Limit GET POST>
require valid-user
</Limit>"
apply to the access.conf, so you can control the user login for the dir.
parvinderg,
Somewhere in GMT+8 timezone. It's in Kuala Lumpur - *just woked up after 8 hours of hibernation :)
Somewhere in GMT+8 timezone. It's in Kuala Lumpur - *just woked up after 8 hours of hibernation :)
Hi Samri...
How u doin? It all great here:). Samri can u please help me in clarifying something about protecting server files in context to my case. How can i implement it when it comes to my application. What syntax do i need to write?
This is the link about which i need some explaination.
http://httpd.apache.org/docs-2.0/misc/security_tips.html#protectserverfiles
Regards
How u doin? It all great here:). Samri can u please help me in clarifying something about protecting server files in context to my case. How can i implement it when it comes to my application. What syntax do i need to write?
This is the link about which i need some explaination.
http://httpd.apache.org/docs-2.0/misc/security_tips.html#protectserverfiles
Regards
Hi parvinderg,
First of all, the URL that you mentioned is pretty much straighforward.
# cd /; ln -s / public_html
Accessing http://localhost/~root/
simply means that you create a symbolic link for user root (since most root will have their home directory to be in / - the root of the filesystem) - for some reason that I could not think of. The command, would create a symbolic_link public_html, to the root, so anybody that does http://yourserver/~root/ would actually be looking at /, since by default Options (http://httpd.apache.org/docs-2.0/mod/core.html#options) is set to All. You could explicitly do Option -FollowSymlinks to disable traversal of symlinks. However this would impose a different problem later on.
Next option would be following the recommendation from Apache website (since they knew the stuff better :);
<Directory />
Order Deny,Allow
Deny from all
</Directory>
This would, by default deny access to all parts of filesystem. For each, access that is required, you would need to explicitly add the <Directory>... </Directory> tag to enable them.
The "<Directory /usr/users/*/public_html>"
First of all, the URL that you mentioned is pretty much straighforward.
# cd /; ln -s / public_html
Accessing http://localhost/~root/
simply means that you create a symbolic link for user root (since most root will have their home directory to be in / - the root of the filesystem) - for some reason that I could not think of. The command, would create a symbolic_link public_html, to the root, so anybody that does http://yourserver/~root/ would actually be looking at /, since by default Options (http://httpd.apache.org/docs-2.0/mod/core.html#options) is set to All. You could explicitly do Option -FollowSymlinks to disable traversal of symlinks. However this would impose a different problem later on.
Next option would be following the recommendation from Apache website (since they knew the stuff better :);
<Directory />
Order Deny,Allow
Deny from all
</Directory>
This would, by default deny access to all parts of filesystem. For each, access that is required, you would need to explicitly add the <Directory>... </Directory> tag to enable them.
The "<Directory /usr/users/*/public_html>"
Featured Post
May’s Course of the Month is now available! Experts Exchange’s Premium Members and Team Accounts have access to a complimentary course each month as part of their membership—an extra way to increase training and boost professional development.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Suggested Solutions
| Title | # Comments | Views | Activity |
|---|---|---|---|
| Multiple SSL sites on one IP? | 3 | 68 | |
| ports for sccm 2012 | 1 | 110 | |
| How to ensure a smooth transition to Let's Encrypt SSL Cert? | 2 | 100 | |
| Apache module | 5 | 87 |
It is possible to boost certain documents at query time in Solr. Query time boosting can be a powerful resource for finding the most relevant and "best" content. Of course the more information you index, the more fields you will be able to use for y…
Introduction
This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html). It addresses one of the most common problems that plague beginning PHP develop…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Attackers love to prey on accounts that have privileges.
Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses
Course of the Month4 days, 9 hours left to enroll
739 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.