[thelist] mime types and .htaccess question

Kae Verens kverens at contactjuggling.org
Tue Mar 4 09:00:01 CST 2003

Support Team wrote:
> Hi
> We are using a script to provide web space to our members. This creates sub
> directories (one for each user)
> IE     site.com/home/USER1
> or     site.com/home/USER2
> I have created a .htaccess file in the home directories to stop hot linking
> and to remove some handlers for cgi and php.
> What would happen if a user uploads there own .htaccess file. Can they then
> override my security settings and add there own handlers.

if you upload the .htaccess as one user, and chmod it to by
user-writable only (644, I believe is the norm for .htaccess?), then
that should solve the problem - that way, only yourself or root would be
able to change it.

also, I believe you can use a directive such as "AllowOverride None"
within your .htaccess to stop .htaccess files being used in subdirectories.

Kae Verens +----------------------------------+ webworks.ie
pay        |http://www.webworks.ie            |        bee
    play    |http://www.contactjuggling.org    |    boss
        kae |http://kverens.contactjuggling.org| god

More information about the thelist mailing list