.htaccess and security

Sorry to make another thread about .htaccess, but this is a slightly different question.

So what I'd like to do is try to hide a few directories, but still have them accessible. Meaning I have an admin directory. I can go to www.xyz.com/gobengalsadmin/ and log in.

Could I do something with .htaccess to not show that directory to the world? Would IndexIgnore */* in the root help (maybe specify that the only page views could hit would be the index.php)?

Does this make sense and does this do anything to help me? Every time I screw with the permissions on directories (or .htpasswd them) the CMS I'm using gives me errors.

I guess I'm just looking for any suggestions that might help.

Doesn't your CMS have a Public\Private\Registered setting or something like that for controlling page access? Or show\hide links to content based on the aforementioned settings?


That would be much easier than doing it through .htaccess (which, to answer your question, is possible but a bigger pain in the butt).


I tend to be leery of dumping too many rules into .htaccess as the more you put in, the better chance you have of really jacking things up (and trust me, you will)...

[quote name='GoBengals' post='653670' date='Apr 17 2008, 10:50 PM']Couldn't you just password protect the directory so no one can access it? Within your host or even FTP that should be possible without dealing directly with .htaccess.[/quote]

That can cause issues too as sometimes the application can't authenticate.


Just something to consider...

[quote name='Elflocko' post='653239' date='Apr 17 2008, 06:26 AM']Doesn't your CMS have a Public\Private\Registered setting or something like that for controlling page access? Or show\hide links to content based on the aforementioned settings?


That would be much easier than doing it through .htaccess (which, to answer your question, is possible but a bigger pain in the butt).


I tend to be leery of dumping too many rules into .htaccess as the more you put in, the better chance you have of really jacking things up (and trust me, you will)...[/quote]

I don't think so. Everything I've checked out has suggested that I chmod directories (tighten some not others) and do it in steps 777 to 775 to 755 until things stop working (I know). For example the uploads directory, admin, and tmp ones. (I'm doing this via SSH BTW). But it seems like I can tighten those down too much and then users aren't able to upload files through the CMS or the CMS spits out garbage because some file can't be modified.

I'm worried that if I tried what Go suggested (not really sure how to do that) that I'd run into the same issue.

I'm not really worried about the CMS or browser revealing any directories from the outside...since it is php based everything just shows up as 'index.php?go-bengals'. I'm just worried that someone is going to find another way in.

Anyway, that is the main reason I was wondering if I could 'hide' directories/files from prying eyes, but allow the CMS to still access them. I don't even know if this is possible or not.
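The 777 to 775 to 755 step-down described in the post above comes down to which permission class (owner, group or other) gives the web-server account its write access. As an added example that is not part of the original thread, this script lists world-writable directories under a web root and, for each, the tightest mode on that ladder that keeps the account able to write; it assumes GNU stat (Linux), and the path and account name passed on the command line are the reader's own.

```shell
#!/bin/sh
# Added example, not code from the thread. Requires GNU stat (Linux).
# Usage (both arguments are site-specific assumptions):
#   sh audit_webroot.sh <web-root> <web-server-account>

# tightest_mode DIR UID "GID GID ..."
# Prints the tightest mode on the 777 -> 775 -> 755 ladder that still
# lets the account with that UID and those GIDs write to DIR:
#   755  the account owns DIR (owner bits are enough)
#   775  one of the account's groups is DIR's group
#   777  only the "other" bits grant write; ownership or group has to
#        change (chown/chgrp) before the mode can be tightened
tightest_mode() {
    dir=$1; uid=$2; gids=$3
    owner=$(stat -c %u "$dir") || return 1
    group=$(stat -c %g "$dir") || return 1
    if [ "$owner" = "$uid" ]; then
        echo 755
        return 0
    fi
    for g in $gids; do
        if [ "$g" = "$group" ]; then
            echo 775
            return 0
        fi
    done
    echo 777
}

# audit_webroot ROOT UID "GID GID ..."
# One line per world-writable directory: "<current mode> <path> -> <mode>"
audit_webroot() {
    root=$1; uid=$2; gids=$3
    find "$root" -type d -perm -0002 | while IFS= read -r d; do
        printf '%s %s -> %s\n' "$(stat -c %a "$d")" "$d" \
            "$(tightest_mode "$d" "$uid" "$gids")"
    done
}

# Run only when called with both arguments.
if [ "$#" -eq 2 ]; then
    audit_webroot "$1" "$(id -u "$2")" "$(id -G "$2")"
fi
```

A directory reported as `-> 777` is one where tightening the mode alone will break uploads, which matches the failure described in the post; changing its owner or group to the web-server account comes first.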

[quote name='Montana Bengal' post='653679' date='Apr 17 2008, 11:39 PM']I don't think so. Everything I've checked out has suggested that I chmod directories (tighten some not others) and do it in steps 777 to 775 to 755 until things stop working (I know). For example the uploads directory, admin, and tmp ones. (I'm doing this via SSH BTW). But it seems like I can tighten those down too much and then users aren't able to upload files through the CMS or the CMS spits out garbage because some file can't be modified.

I'm worried that if I tried what Go suggested (not really sure how to do that) that I'd run into the same issue.

I'm not really worried about the CMS or browser revealing any directories from the outside...since it is php based everything just shows up as 'index.php?go-bengals'. I'm just worried that someone is going to find another way in.

Anyway, that is the main reason I was wondering if I could 'hide' directories/files from prying eyes, but allow the CMS to still access them. I don't even know if this is possible or not.[/quote]


Does the server you're using have cPanel, Webmin, Plesk, or another similar interface?


(And BTW, kudos to you for braving the command line... ;) )


[quote name='Elflocko' post='653680' date='Apr 17 2008, 09:43 PM']Does the server you're using have cPanel, Webmin, Plesk, or another similar interface?


(And BTW, kudos to you for braving the command line... ;) )[/quote]

No, I do not believe so.

To my best estimation - Unix. I'm shooting you a little more info.
