...

View Full Version : .htaccess - allow some files



GurusGuru
08-15-2002, 08:41 AM
The directory in which I have .htaccess file contains 6 files - a.htm, b.htm, w.log, x.log, y.log, z.txt and abc.pl. Out of these two files should be accessible - a.htm and w.log. The rest of the 4 files should denied access unless being accessed by using correct login and password. The contents of the .htaccess file I am using are:

AuthUserFile /home/xxxx/cgi-bin/pass/.htpasswd
AuthGroupFile /dev/null
AuthType Basic
AuthName "Members Area"
Options -Indexes
ErrorDocument 401 /error.cgi?401
ErrorDocument 403 /error.cgi?403
ErrorDocument 404 /error.cgi?404
ErrorDocument 500 /error.cgi?500
<LIMIT GET POST>
require valid-user
</LIMIT>

How do I modify the above scripts so that the files, a.htm and w.log are accessible and available for viewing without login - without username and password.

Feyd
08-16-2002, 07:57 PM
I haven't test it (nor tried it), but this may work...



Options -Indexes

ErrorDocument 401 /error.cgi?401
ErrorDocument 403 /error.cgi?403
ErrorDocument 404 /error.cgi?404
ErrorDocument 500 /error.cgi?500

AuthUserFile /home/xxxx/cgi-bin/pass/.htpasswd
AuthGroupFile /dev/null
AuthType Basic
AuthName "Members Area"
Allow From All
<Files file.ext>
Deny From All
</Files>

Feyd
08-16-2002, 08:06 PM
Actually...

Apache 1.2 and later allows you to protect individual files, rather than on a per directory basis (as originally using htaccess/htpasswd)



<files file.ext>
AuthType Basic
AuthName "Members Area"
AuthUserFile /home/xxxx/cgi-bin/pass/.htpasswd
AuthGroupFile /dev/null
Require valid-user
</files>

GurusGuru
08-17-2002, 10:05 AM
The htaccess file in a CGI-BIN directory. This directory contains scripts with which one can post data as well as view data. This directory also contains a html file which comes up after some data has been fed (A kind of thank you page). The htaccess file works fine, only letting the viewers with valid username and password access and search the database. Anyone can post the data also. The only problem is that when the data is posted a screen comes up asking for username and password alongwith the thank you page (the data gets added to the files in the cgi-bin). How can I avoid this screen coming up when the action is POST. <LIMIT GET>
require valid-user </LIMIT>. I removed POST from this.


AuthUserFile /home/xxx/www/cgi-bin/pass/.htpasswd

AuthGroupFile /dev/null

AuthType Basic

AuthName "Members Area"

Options -Indexes

ErrorDocument 401 /error.cgi?401

ErrorDocument 403 /error.cgi?403

ErrorDocument 404 /error.cgi?404

ErrorDocument 500 /error.cgi?500

<Files *.htm, *.log>
Order Allow,Deny
allow from all
</Files>

<LIMIT GET>
require valid-user
</LIMIT>



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum