Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 9 of 9

Thread: htaccess help

  1. #1
    New to the CF scene
    Join Date
    Nov 2005
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts

    htaccess help

    Hi, hope i am posting this in the right section.
    I just read through the htaccess tutorial at javascriptkit.com and it was very informative.
    However i am wondering if it is possible to only ALLOW access from a certain referrer. basically, i would like all requests to a file to be denied unless it is linked from a specific website, or at least a specific domain. is this possible to do using htaccess or any other method?

    thanks in advance
    genzai

  • #2
    Regular Coder
    Join Date
    Oct 2004
    Posts
    359
    Thanks
    0
    Thanked 17 Times in 17 Posts
    Like this:
    Code:
    SetEnvIf Referer "^http://example.com/" let_me_in
    # Remember that the referer isn't always sent. The following line lets
    # them in too, if you don't want this, comment it out with a #
    SetEnvIf Referer "^$" let_me_in
    
    Order Deny,Allow
    Deny from all
    Allow from env=let_me_in
    You can change "^http://example.com/" to your URL, if you want to only allow a certain URL like http://example.com/page.html put a $ before the last " ("^http://example.com/page.html$").

    Edit: this page (http://httpd.apache.org/docs/1.3/env.html) has more information.

    Edit2: forgot "let_me_in" after SetEnvIf Referer "^$".
    Last edited by schleppel; 11-17-2005 at 09:48 PM.

  • #3
    New to the CF scene
    Join Date
    Nov 2005
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts

    thank you!

    wow! thanks for the fast reply! i will try this now and let you know how it goes.

  • #4
    New to the CF scene
    Join Date
    Nov 2005
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts

    much appriciated

    after i figured out the url formatting, this is working great! I can't thank you enough.

  • #5
    New to the CF scene
    Join Date
    Nov 2005
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts

    having a new issue

    Hi, that solution is still working great, but i have another unrelated question also about htaccess. I read in the tutorial that the htaccess file will apply itself to all subfolders by default. However it also says that if you put a different htaccess file into a subfolder, that it is this htaccess file that should take priority (within that subfolder).

    I have a folder called 'media' which is password protected using htaccess. this is working fine. however, i am puting some subfolders into the 'media' folder which i dont want password protected at all. For these folders i have put a new htaccess file into them without the code requiring authorization. however when i try to access these folders i still am prompted for a password based on the htaccess file in the 'media' folder.
    What am i doing wrong?

    Thanks again
    -genzai

  • #6
    Regular Coder
    Join Date
    Sep 2005
    Location
    Madison, Indiana, USA
    Posts
    166
    Thanks
    0
    Thanked 0 Times in 0 Posts
    When you say you put a different htaccess file in the sub-folders, did you just put a blank htaccess file in the sub-folder, or did you add an Allow all line to the new file?



    .

  • #7
    New to the CF scene
    Join Date
    Nov 2005
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts

    the new htaccess file

    I did not add any allow lines, and maybe this is the problem. I just put in a htaccess file that had some other unrelated commands but which had nothing in it about authorizations.

    What would the line(s) look like that re-authorized all users to access the folder?

  • #8
    Regular Coder
    Join Date
    Oct 2004
    Posts
    359
    Thanks
    0
    Thanked 17 Times in 17 Posts
    When i had a go at this i couldn't find any way to re-authorize access. This is possibly because .htaccess files are read for root to current directory, so the authentication is sent before the server gets to the last .htaccess file (more info: http://httpd.apache.org/docs/2.0/how...cess.html#when somewhere in that section). It might be possible though...

  • #9
    Regular Coder
    Join Date
    Sep 2005
    Location
    Madison, Indiana, USA
    Posts
    166
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Try the following:
    Code:
    <Limit GET POST>
    order allow,deny
    allow from all
    </Limit>
    I wanted to use a 'deny from none' statement, but as far as I know it doesn't exist. In fact putting it into htaccess can cause an undesirable delay as Apache tries to resolve the address of the URI 'none'.

    The above code should allow your lower level folders access by anyone.



    .


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •