Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 67268 invoked from network); 7 Aug 2006 16:04:34 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 7 Aug 2006 16:04:34 -0000 Received: (qmail 23523 invoked by uid 500); 7 Aug 2006 16:04:16 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 23507 invoked by uid 500); 7 Aug 2006 16:04:16 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 23491 invoked by uid 99); 7 Aug 2006 16:04:16 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 07 Aug 2006 09:04:16 -0700 X-ASF-Spam-Status: No, hits=0.5 required=10.0 tests=DNS_FROM_RFC_ABUSE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: domain of 0.fractalus@gmail.com designates 66.249.82.228 as permitted sender) Received: from [66.249.82.228] (HELO wx-out-0506.google.com) (66.249.82.228) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 07 Aug 2006 09:04:15 -0700 Received: by wx-out-0506.google.com with SMTP id s19so242962wxc for ; Mon, 07 Aug 2006 09:03:55 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:from:to:subject:date:user-agent:references:in-reply-to:content-type:content-transfer-encoding:content-disposition:message-id; b=iSVQJgqWtUxR48K/5/wadMZH6SyeUtRW1Cg8u9E4d8d1He9kt36o2rVzdJJjaILFw9b+YVbyHOJNBp/4WoRyUlaDmQFNEAhndlFbF91FIAeIvIgJKF7NYG7Cf/p1rijhWzXRlEuzPeVD69VHncnJR+7yQa44N4j+REhu6k57Soo= Received: by 10.70.44.5 with SMTP id r5mr9135576wxr; Mon, 07 Aug 2006 09:03:50 -0700 (PDT) Received: from ?192.168.0.4? ( [70.56.136.99]) by mx.gmail.com with ESMTP id i36sm4590705wxd.2006.08.07.09.03.49; Mon, 07 Aug 2006 09:03:50 -0700 (PDT) From: Morgan Gangwere <0.fractalus@gmail.com> To: users@httpd.apache.org Date: Mon, 7 Aug 2006 10:02:57 -0400 User-Agent: KMail/1.7.2 References: <44D69876.5020206@telenet.be> In-Reply-To: Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200608071003.05997.0.fractalus@gmail.com> X-Virus-Checked: Checked by ClamAV on apache.org Subject: Re: [users@httpd] two simple questions X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday 06 August 2006 22:51, Joshua Slive wrote: > On 8/6/06, Ikke Snoeckx wrote: > > Hello > > > > I have two (simple) questions: > > > > 1. A RewriteRule: > > Basically, consider this: www.example.com/foo.bar ... Now, I want that > > to be also accessible by this: www.example.com/foo (so, actually, it is > > just the file name, but without the .bar extension) ... > > RewriteEngine On > RewriteRule ^/foo /foo.bar > > Use the RewriteLog to debug. > > > 2. Access and authorisation: > > I have two folders (lets call them 'foo' and 'bar') were I put some > > things in that should not be downloaded or viewed, however must be > > included in my website. > > Basically, the only way to get access to the content being in those two > > folder is through the normal Apache GET process, and with the right > > referer (e.g. www.example.com, and *no* other, even an empty referer > > won't give you access)... > > I said _basically_, because I know that there are tools to fake headers > > and such, but this is only to keep the majority of the visitors out of > > it. Additionally: I have my Javascript and some CSS Files (.js and .css) > > in it also, however those may be downloaded and viewed (*unless* the > > referer is *not* www.example.com *or empty*) at will... > > The "Prevent Image Theft" example here is close: > http://httpd.apache.org/docs/2.2/env.html#examples > > > Additionally: How can I setup Password Authorisation for the foo and bar > > folders (so no simple 403 error but 401)? > > See: > http://httpd.apache.org/docs/2.2/howto/auth.html > > Incidentally, you should ignore Morgan's advice about the .htaccess > file. It is not necessary. > > Joshua. > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See for more info. > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org > " from the digest: users-digest-unsubscribe@httpd.apache.org > For additional commands, e-mail: users-help@httpd.apache.org Why ignore the .htaccess file? thats what I have been using for (oh, i dont Know, about) 8 years? thats about right. and SymLinking works fine too. thats how I have been doing things for a long time. please, explain why to ignore the .htaccess file.. - -- Q: Why did the chicken cross the road? A: He was giving it last rites. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFE10gZHGLbdLi6TCgRAhlOAJ9QwXfwAlBbM/VJusPPCVrmOzD4PQCfaOoQ otflT+LOeWr9dG3+pzTjIx8= =3ges -----END PGP SIGNATURE----- --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org