Go Back   CodingForums.com > :: Server side development > Apache configuration
Reload this Page blocking index.php but not other files in folder

Before you post, read our: Rules & Posting Guidelines

Reply
 
Thread Tools Rate Thread
Enjoy an ad free experience by logging in. Not a member yet? Register.
Old 03-15-2012, 04:59 PM   PM User | #1
timgolding
Senior Coder

 
timgolding's Avatar
 
Join Date: Aug 2006
Location: Southampton
Posts: 1,460
Thanks: 89
Thanked 110 Times in 109 Posts
timgolding is on a distinguished road
blocking index.php but not other files in folder
Hi i have two domains

http://domain.com

and

https://secure.domain.com

both run under the same document root however there is a folder inside the document root /ecommerce. Inside this folder is a file index.php i want to allow access to https://secure.domain.com/ecommerce but not to http://domain.com/ecommerce
There is however a snag. There are some other files inside the ecommerce folder that i do want to allow http://domain.com to access such as http://domain.com/ecommerce/page_jump.php. I also need the secure domain to be the only domain that has access to https://secure.domain.com/ecommerce/post_url.php So

https://secure.domain.com/ecommerce/
https://secure.domain.com/ecommerce/page_jump.php

are the files i want to restrict access from http://domain.com

and allow access to http://domain.com for anything else. Hope this makes sense.
__________________
You can not say you know how to do something, until you can teach it to someone else.
timgolding is offline   Reply With Quote
Old 03-16-2012, 11:30 AM   PM User | #2
timgolding
Senior Coder

 
timgolding's Avatar
 
Join Date: Aug 2006
Location: Southampton
Posts: 1,460
Thanks: 89
Thanked 110 Times in 109 Posts
timgolding is on a distinguished road
I did some research and think the best way to do this is block the entire folder under domain.com and allow the files i want to allow it to access. The secure.domain.com will be able to access everything in that folder

Something like?

Code:
    # No one needs to access this directly
    <Directory "/home/sites/domain.com/web/ecommerce">
       Order Deny,allow
       Deny from all
    </Directory>
    # But this file is OK:
    <Files "/home/sites/domain.com/web/ecommerce/page_jump.php">
       Order Deny,Allow
       Allow from all
    </Files>
    <Files "/home/sites/domain.com/web/ecommerce/return_url.php">
       Order Deny,Allow
       Allow from all
    </Files>
Won't be able to test this until i go live but i put it in if anyone can see anything wrong with this, please let me know!
__________________
You can not say you know how to do something, until you can teach it to someone else.
timgolding is offline   Reply With Quote
Old 03-19-2012, 05:28 PM   PM User | #3
timgolding
Senior Coder

 
timgolding's Avatar
 
Join Date: Aug 2006
Location: Southampton
Posts: 1,460
Thanks: 89
Thanked 110 Times in 109 Posts
timgolding is on a distinguished road
Doesn't work
__________________
You can not say you know how to do something, until you can teach it to someone else.
timgolding is offline   Reply With Quote
Old 03-19-2012, 05:39 PM   PM User | #4
timgolding
Senior Coder

 
timgolding's Avatar
 
Join Date: Aug 2006
Location: Southampton
Posts: 1,460
Thanks: 89
Thanked 110 Times in 109 Posts
timgolding is on a distinguished road
Got there i had to put the files inside the directory directive

Code:
# No one needs to access this directly
    <Directory "/home/sites/domain.com/web/ecommerce">
       Order Deny,allow
       Deny from all
        # But this file is OK:
        <Files "page_jump.php">
           Order Deny,Allow
           Allow from all
        </Files>
        <Files "return_url.php">
           Order Deny,Allow
           Allow from all
        </Files>
    </Directory>
__________________
You can not say you know how to do something, until you can teach it to someone else.
timgolding is offline   Reply With Quote
Reply

Bookmarks

Jump To Top of Thread


« Previous Thread | Next Thread »
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 05:55 PM.
Advertisement
Log in to turn off these ads.