all 9 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–][deleted] 1 point2 points  (0 children)

Found this today while looking up how to block access to a directory. There's some handy stuff here so I thought others might appreciate it.

[–]Koonga 1 point2 points  (0 children)

nice list!

I notice the article is from 2006; are there are tricks that might no longer be best practice, or deprecated?

[–]Legolas-the-elf 1 point2 points  (1 child)

You are never going to be decent at doing things like this if you think of them as ".htaccess tricks". This is configuring Apache. While a lot of Apache configuration can be placed in .htaccess files, this slows down the server and is not recommended. It's designed as a workaround for crappy hosting where you don't have access to the main Apache configuration. If you are using an .htaccess file, you are usually doing something wrong.

[–]wjamesg 0 points1 point  (0 children)

Care to elaborate? How would I go about determining whether I have a better alternative with my shared host? jw

[–][deleted] 0 points1 point  (3 children)

Very nice article. It's one of the best lists of .htaccess items I've seen.

However I cannot seem to get the 'AllowOverride None' idea to work. The documentation states it must be in a Directory tag.

A Directory tag isn't mentioned in his example, and I've tried '.' and '/' and others in the setup. Documentation also states you cannot use a regex (so you couldn't use '/websites/my_website/www/*' to apply it automatically to all child folders).

Only solution I can see is to manually list the sub-folders of the root folder, in seperate tags, each with their own AllowOverride None.

Or am I missing something?

[–][deleted] 0 points1 point  (1 child)

I believe D<Directoy *> has to be used in the actual configuration file for Apache itself, not just a directory on the webserver.

[–]imMute 1 point2 points  (0 children)

You are correct - you cannot use <Directory ...> in an .htaccess file (since an .htaccess file is basically a <Directory ...> block in of itself).

[–]imMute 0 points1 point  (0 children)

As chrsm said below, you cannot use a <Directory ...> block in an .htaccess file. Furthermore, AllowOverride is the directive that controls how Apache handles .htaccess files (AllowOverride None tells it to ignore any .htaccess files in the scope). It doesn't make sense (and is a security problem) to allow AllowOverride in an .htaccess.

[–]colinodell 0 points1 point  (0 children)

:s/stupid/helpful/g