Guest210212002
01-19-2006, 02:57 PM
Greetings all,
I have a webserver up, and have been digging into .htaccess trying to get it as secure as I can get it.
Just a couple of questions if anyone has time to help me out.
First, is it possible to have more than one rewrite rule to prevent remote linking? For example, I'd like to prevent linking from mydomain.com globally, in every folder but one. I use mydomain.com/links to post up linked images/files/etc, and if possible I'd like to be able to keep that open and just use the rewrite to prevent remote linking in every other folder.
Secondly, I have a couple of domains forwarded to my main domain. The way my host is setup, if you go to domain1.com or domain2.com, they both forward to mydomain.com, but under my current setup the address bar in the browser maintains the URL of the original link.
(For a real example, go to extendedrangeguitar.com and you'll end up at sevenstring.org, but the browser maintains erg.com).
Thirdly, I read up on creating an .htpasswd file and did the following:
- Changed directories to a secure location outside of my web tree (we'll call it /home/vborg/)
- Ran htpasswd -c .htpasswd Username
- Put in my password
Now, I believe all I need to do is add this in my .htpasswd where I want my pw-protected folders to be:
AuthUserFile /home/vborg/.htpasswd
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic
require user Username
My .htpasswd file looks like: Username:(encrypted pass). I've set the .htaccess in the directory in question to 644 as well. However I can't seem to login with the username/pass combo in question. What am I missing?
Thanks in advance for any insight. :)
- Chris
Figured this out. GroupFile was killing me, stripped it and all is well.
I have a webserver up, and have been digging into .htaccess trying to get it as secure as I can get it.
Just a couple of questions if anyone has time to help me out.
First, is it possible to have more than one rewrite rule to prevent remote linking? For example, I'd like to prevent linking from mydomain.com globally, in every folder but one. I use mydomain.com/links to post up linked images/files/etc, and if possible I'd like to be able to keep that open and just use the rewrite to prevent remote linking in every other folder.
Secondly, I have a couple of domains forwarded to my main domain. The way my host is setup, if you go to domain1.com or domain2.com, they both forward to mydomain.com, but under my current setup the address bar in the browser maintains the URL of the original link.
(For a real example, go to extendedrangeguitar.com and you'll end up at sevenstring.org, but the browser maintains erg.com).
Thirdly, I read up on creating an .htpasswd file and did the following:
- Changed directories to a secure location outside of my web tree (we'll call it /home/vborg/)
- Ran htpasswd -c .htpasswd Username
- Put in my password
Now, I believe all I need to do is add this in my .htpasswd where I want my pw-protected folders to be:
AuthUserFile /home/vborg/.htpasswd
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic
require user Username
My .htpasswd file looks like: Username:(encrypted pass). I've set the .htaccess in the directory in question to 644 as well. However I can't seem to login with the username/pass combo in question. What am I missing?
Thanks in advance for any insight. :)
- Chris
Figured this out. GroupFile was killing me, stripped it and all is well.