httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Paul Stephenson" <PStephen...@ficgroup.com>
Subject RE: Protect directory
Date Thu, 21 Feb 2002 20:59:00 GMT
Ahh, I see what you are trying to do.  Look in your httpd.conf file and find the <Directory
"/path/to/ssfiles> and in this directive ensure that you have listed the -Indexes option.
 So yours would look kinda like this.

<Directory "/path/to/ssfiles>
	Options -Indexes
	Order allow,deny
	Allow from all
</Directory>

and then for the redirect

this also depends if you are using virtual hosts, assuming you are put the following into
your <VirtualHost> directive block

<VirtualHost www.domainname.com>
Redirect /ssfiles http://www.domainname.com
</VirtualHost>

Obviously a lot more stuff goes in the virtual host directive block, but I am sure you know
that, and I am not even sure if you are using virtual hosts.

If you are not, just put the redirect statement at the bottom of your httpd.conf file or where
ever you feel comfortable.

Paul

-----Original Message-----
From: Fernando Reuter Wendt [mailto:fernando@admijui.unijui.tche.br] 
Sent: Thursday, February 21, 2002 2:26 PM
To: users@httpd.apache.org
Subject: RES: Protect directory

Yes, the system is unix based. And i have tought about the file system
permitions (user group), and not sure that this can solve that. I belive in
some apache solution.

Fernando Wendt

-----Mensagem original-----
De: Paul Stephenson [mailto:PStephenson@ficgroup.com]
Enviada em: quinta-feira, 21 de fevereiro de 2002 17:17
Para: users@httpd.apache.org
Assunto: RE: Protect directory


If this is done on a linux or unix platform here is how I did it, and
everyone can tell me if it is not secure.

I run the apache as user=www and group=webgroup, therefore if I make every
user that will be hosting pages, I can set the UID of the the person's
folder to their UID, and I set the user's GID in the /etc/passwd file to
'webgroup', and then I do a chmod -R o-x on the user's directory. 

So in summary here is what you have:

drwxr-x--- This means that only the folders user can read, write, and
execute, but the group that is running apache has permission to read and
execute.  What this means is that multiple people can log onto your ftp
site, see that there are other sites around, but they can't even do an 'ls'
on any of the directories (except for the one they own).

The key thing here is making sure that you have the /etc/passwd file and
/etc/group and /path/to/httpd.conf (for the user and group that runs
apache).

Would appreciate any comments or if I am all fudged up.

Paul

-----Original Message-----
From: Fernando Reuter Wendt [mailto:fernando@admijui.unijui.tche.br] 
Sent: Thursday, February 21, 2002 12:20 PM
To: apacheUsersList (E-mail)
Subject: Protect directory

Hi,

how can i protect a directory, to make impossible to users get, view or list
what´s inside it? Sample: if i have one directory called ssfiles, on the
htdocs root, what i must do to make it not accessible to users view when
link to http://www.site.com/ssfiles , and also redirect them to another
link, like the index one (http://www.site.com)?

Thank you,

+-------------------------
 Fernando A. R. Wendt
 Webmaster UNIJUÍ
 http://www.unijui.tche.br
-------------------------+
 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message