[CentOS] How to prevent reading of an xml in a particular directory from browser in apache on Centos4.4
Jim Perrin
jperrin at gmail.com
Mon Feb 12 03:32:33 UTC 2007
> Even though the above entries are there in .htaccess still I am able
> to read "site.xml" file. How do I prevent the reading of this file ?
.htaccess files are only good if you're allowing them via the
AllowOverrides option in your httpd.conf. By default this option is
off, and if you have administrative access to the box it should stay
that way, as using .htaccess files will cause a (slight) performance
hit.
You don't really need the satisfy statement there either. I'd create a
helpdesk.conf file in /etc/httpd/conf.d/ with:
<Directory "/var/www/html/request">
<Files "site.xml">
Order allow,deny
Deny from all
</Files>
#other directory wide modifications, custom 404, etc.
</Directory>
If all you're protecting is that one file, you don't really need the
~, as that enables full regex matching, which should really be done
with FilesMatch
Alternatively if you really want to block all xml files, use this:
<Files ~ "\.xml$">
--
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell
More information about the CentOS
mailing list