[thelist] mime types and .htaccess question
Kae Verens
kverens at contactjuggling.org
Tue Mar 4 09:00:01 CST 2003
Support Team wrote:
> Hi
>
> We are using a script to provide web space to our members. This creates sub
> directories (one for each user)
> IE site.com/home/USER1
> or site.com/home/USER2
>
> I have created a .htaccess file in the home directories to stop hot linking
> and to remove some handlers for cgi and php.
>
> What would happen if a user uploads there own .htaccess file. Can they then
> override my security settings and add there own handlers.
if you upload the .htaccess as one user, and chmod it to by
user-writable only (644, I believe is the norm for .htaccess?), then
that should solve the problem - that way, only yourself or root would be
able to change it.
also, I believe you can use a directive such as "AllowOverride None"
within your .htaccess to stop .htaccess files being used in subdirectories.
--
Kae Verens +----------------------------------+ webworks.ie
pay |http://www.webworks.ie | bee
play |http://www.contactjuggling.org | boss
kae |http://kverens.contactjuggling.org| god
More information about the thelist
mailing list