[thelist] how do I protect directories outside public_html

Sales @ Lycosa sales at lycosa.co.uk
Fri Jun 13 04:20:35 CDT 2008


To protect admin and ini files, I store them above the public_html directory
in a sibling directory, using mod_rewrite to access them. However, I cannot
find a satisfactory way of password protecting this directory. I would
access the safe directory as www.domain.com/safe/ but the actual 'safe'
directory does not reside within public_html, and the incoming requests are
redirected using mod_rewrite and a php script. The php script handles the
redirection of the various file types and does session handling.

 

If you have any thoughts, they would be much appreciated.

 

Eg.

 

-- public_html

 -- index.htm

 -- redirect.php

-- safe

   -- index.htm

   -- data.ini

 

 

.htaccess:

 

AddHandler application/x-httpd-php .htm

ErrorDocument 404 /redirect.php

 

RewriteEngine on

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

 

RewriteOptions MaxRedirects=2

RewriteRule ^(.*)$ redirect.php?$1 [L,NS,QSA]

 

Thanks,
Phil Parker
http://www.lycosa.co.uk <http://www.lycosa.co.uk/> 

 

 




More information about the thelist mailing list