Well, the problem is I cant put the username and the password in the url, http://user:[EMAIL PROTECTED]/scriptdir/script is not allowed, thats the reason why I cant use .htpasswd to protect the dir. If it wasn't for this restriction I would be able to use .htpasswd w/o any problem. so-far Ive put 100 on the dir, and I have done some simple checks, like I cant wget anything from the dir, if I wget an existing filename I get 0 bytes.
With best regards Tomas Larsson Sweden http://www.tlec.se http://www.ebaman.com Verus Amicus Est Tamquam Alter Idem > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Joshua Slive > Sent: Sunday, January 06, 2008 5:08 AM > To: users@httpd.apache.org; [EMAIL PROTECTED] > Subject: Re: [EMAIL PROTECTED] File permissions in an Apache enviroment > > On Jan 5, 2008 8:23 PM, Tomas Larsson <[EMAIL PROTECTED]> wrote: > > Trying to lock down a special folder. > > Now I cant use .htaccess + .htpasswd for some reason. > > > > The directory must be executable for the server (php-script). > > I dont want anyone outside to be able get anything from the dir. > > The script is run from a normal url, i.e > > http://mysite/scriptdir/script.php > > The url is initiated from the server-bos itself throuh some sort of > > CRON-Mechanism (cant explain it better) I have no access to the > > server-config, only through .htaccess the only working way > I've found > > out, so far, is to set the permissions on the dir to 100. > > > > Anyone that has better solutions or ideas. > > Is .htaccess enabled in that directory (with AllowOverride in > httpd.conf)? If not, you can't do anything. You can test this > by putting an obvious syntax error in .htaccess and > requesting the page. > If you don't get a 500 error, you don't have the rights to > use .htaccess. > > Joshua. > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP > Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] > " from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
