httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Glen Lee Edwards <GLEdwa...@uswest.net>
Subject Making files invisible
Date Tue, 01 Aug 2000 23:27:36 GMT
I'm new to configuring Apache and am a little befuddled.  One of my
virtual domains uses a cgi script to upload files via web browser, which
is working fine.  Problem is, one of them new to http didn't upload an
index.htm? file.  To my dismay his password file is right there for all to
see!  Fortunately the password is encrypted, but this still isn't an
acceptable situation.

1)  Is there a way to make these files completely hidden from view from a
browser?

2)  If not is there a way to make them unreadable through the browser?

I tried using:

 <FilesMatch "*\.(pas|pass|)$">
    Order deny,allow
    Deny from all
 </FilesMatch>

and

<Files password.pass>
    Order allow,deny
    Deny from all
</Files>

but neither worked - the file is still visible and readable.

Any suggestions are appreciated.

BTW, just what is the "Order deny,allow"

Glen


Mime
View raw message