[thelist] how do I protect directories outside public_html

Sales @ Lycosa sales at lycosa.co.uk
Fri Jun 13 04:20:35 CDT 2008

To protect admin and ini files, I store them above the public_html directory
in a sibling directory, using mod_rewrite to access them. However, I cannot
find a satisfactory way of password protecting this directory. I would
access the safe directory as www.domain.com/safe/ but the actual 'safe'
directory does not reside within public_html, and the incoming requests are
redirected using mod_rewrite and a php script. The php script handles the
redirection of the various file types and does session handling.


If you have any thoughts, they would be much appreciated.




-- public_html

 -- index.htm

 -- redirect.php

-- safe

   -- index.htm

   -- data.ini





AddHandler application/x-httpd-php .htm

ErrorDocument 404 /redirect.php


RewriteEngine on

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d


RewriteOptions MaxRedirects=2

RewriteRule ^(.*)$ redirect.php?$1 [L,NS,QSA]


Phil Parker
http://www.lycosa.co.uk <http://www.lycosa.co.uk/> 



More information about the thelist mailing list