Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    Senior Coder timgolding's Avatar
    Join Date
    Aug 2006
    Location
    Southampton
    Posts
    1,517
    Thanks
    114
    Thanked 110 Times in 109 Posts

    blocking index.php but not other files in folder

    Hi i have two domains

    http://domain.com

    and

    https://secure.domain.com

    both run under the same document root however there is a folder inside the document root /ecommerce. Inside this folder is a file index.php i want to allow access to https://secure.domain.com/ecommerce but not to http://domain.com/ecommerce
    There is however a snag. There are some other files inside the ecommerce folder that i do want to allow http://domain.com to access such as http://domain.com/ecommerce/page_jump.php. I also need the secure domain to be the only domain that has access to https://secure.domain.com/ecommerce/post_url.php So

    https://secure.domain.com/ecommerce/
    https://secure.domain.com/ecommerce/page_jump.php

    are the files i want to restrict access from http://domain.com

    and allow access to http://domain.com for anything else. Hope this makes sense.
    You can not say you know how to do something, until you can teach it to someone else.

  • #2
    Senior Coder timgolding's Avatar
    Join Date
    Aug 2006
    Location
    Southampton
    Posts
    1,517
    Thanks
    114
    Thanked 110 Times in 109 Posts
    I did some research and think the best way to do this is block the entire folder under domain.com and allow the files i want to allow it to access. The secure.domain.com will be able to access everything in that folder

    Something like?

    Code:
        # No one needs to access this directly
        <Directory "/home/sites/domain.com/web/ecommerce">
           Order Deny,allow
           Deny from all
        </Directory>
        # But this file is OK:
        <Files "/home/sites/domain.com/web/ecommerce/page_jump.php">
           Order Deny,Allow
           Allow from all
        </Files>
        <Files "/home/sites/domain.com/web/ecommerce/return_url.php">
           Order Deny,Allow
           Allow from all
        </Files>
    Won't be able to test this until i go live but i put it in if anyone can see anything wrong with this, please let me know!
    You can not say you know how to do something, until you can teach it to someone else.

  • #3
    Senior Coder timgolding's Avatar
    Join Date
    Aug 2006
    Location
    Southampton
    Posts
    1,517
    Thanks
    114
    Thanked 110 Times in 109 Posts
    Doesn't work
    You can not say you know how to do something, until you can teach it to someone else.

  • #4
    Senior Coder timgolding's Avatar
    Join Date
    Aug 2006
    Location
    Southampton
    Posts
    1,517
    Thanks
    114
    Thanked 110 Times in 109 Posts
    Got there i had to put the files inside the directory directive

    Code:
    # No one needs to access this directly
        <Directory "/home/sites/domain.com/web/ecommerce">
           Order Deny,allow
           Deny from all
            # But this file is OK:
            <Files "page_jump.php">
               Order Deny,Allow
               Allow from all
            </Files>
            <Files "return_url.php">
               Order Deny,Allow
               Allow from all
            </Files>
        </Directory>
    You can not say you know how to do something, until you can teach it to someone else.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •