h*****l
发帖数: 184 | 1 【 以下文字转载自 Internet 讨论区,原文如下 】
发信人: hanibal (汉尼拔), 信区: Internet
标 题: 一个.htaccess 可以同时保护多个目录吗?
发信站: The unknown SPACE (Sat Jun 14 18:32:52 2003) WWW-POST
比如有十个目录, 十个不同的用户只能接触自己一个目录,
高级用户可以用是同一个密码接触全部目录。
可以在一个。htaccess文件中做好以上全部设定吗?还是必须每个目录设
一个。htaccess文件。
如果可以用什么参数制定不同的目录。
我想应该是可以的, 但网上的TUTORIAL都比较简单, 有哪位大侠知道?
谢谢。 |
|
|
s*****r
发帖数: 59 | 3 Anybody be familiar with Appache server?
I have a question about rewriterulel in .htaccess
how to pass parameter, to a funcation call?
RewriteRule ^modify_user\.php(.+)$ out.php?function=modify_user&user=$1 [QSA]
is this rule correct if I want to pass $user to a funcation modify_user?
Thanks. |
|
c*****t
发帖数: 1879 | 4 It could be possible with regex replacement. I am not an expert, but
you could try something like the following (not tested):
RewriteEngine On
RewriteRule ^/~userId/*$ /~userId/wordpress/index.php?$1 [L,QSA]
so when people tries to access
/~userId/content
it would be forwarded to
/~userId/wordpress/index.php?content
.htaccess documentation is available online, so you can read more about
it. |
|
k***a
发帖数: 233 | 5 目前无法正确显示中文
无权修改httpd.conf
但是可以改.htaccess
请问在.htaccess写些什么
目前在.htaccess里有这些内容 |
|
kb
发帖数: 73 | 6 put it in a folder and put .htaccess in that folder. Specify the username
and password in .htaccess.
Google .htaccess to see its format. |
|
m****k
发帖数: 51 | 7 Microbe is right. Besides that you need to put a .htaccess file
in the directory you want to protect. here is a example of .htaccess:
AuthName "Protected Directory"
AuthType Basic
AuthUserFile /usr/local/apache/conf/htpasswd.users
require valid-user
And you need to use htpasswd to create the password file
/usr/local/apache/conf/htpasswd.users which contain the users and passwords.
|
|
m*****e
发帖数: 4193 | 8 来自主题: BuildingWeb版 - help go to apache's website and read the docs. basically, _if_ your server
is configured to allow user .htaccess to override the server default
configurations, you can put in a .htaccess under any directory to change
many server options, which, in your case, can restrict access to certain
IPs.
For example, the following only allows access from mit.edu.
order deny,allow
deny from all
allow from mit.edu |
|
s**o
发帖数: 584 | 9 Step 1. By creating a file ".htaccess" in your homework directory
(~JohnDoe/www/hwk), all files in that directory will be protected by the
password. Here is what you need to put in the .htaccess file.
AuthUserFile /your-full-path-name/.htpasswd
AuthGroupFile /dev/null
AuthName ByPassword
AuthType Basic
require user whatever
The file refers to a password file which you can put anywhere you like
in your directory system. You have to use the full path name o |
|
s**********i
发帖数: 711 | 10 1, put all the files which should have same protection under
one directory.
2, in server configuration, make sure this directory allows
override.
3, setup username and password in a .htpasswd file, using
htpasswd program or online htpasswd generator.
4, write a .htaccess file to use this .htpassed file. google
for examples. this .htaccess file should be in same directory
as the files you want to protect. |
|
s**********i
发帖数: 711 | 11
two ways:
1, change web server configuration. or
2, if web server allows .htaccess override, you can write
a .htaccess for that directory to turn on indexing.
either way, you need to check the configuration first,
and may need right to change the configuration. |
|
l*******9
发帖数: 177 | 12 There is one damn easy way to do this, as long as you can control
your httpd.conf or .htaccess, add just four lines:
AuthType basic
AuthName "pswd protect region"
AuthUserFile /path/to/htpswd
Require valid-user
in /path/to/my_protected_dir/.htaccess or in
....
of your httpd.conf....then in your shell, type
htpasswd -c /path/to/htpswd yellowchild
to generate username-password pairs...
This is by far the easiest way to fit your needs..
Other way |
|
S**********s
发帖数: 2033 | 13
好像要说到点上了。在不影响web surfer获取相关信息的前提下,怎么防止这个全局的
帐号和密码被人轻易地hack掉?如果不设htaccess密码,源代码是很容易被别人看到,
可怕的是db的帐号和密码就暴露无遗了。如果设了htaccess密码,web surfer就访问不
到相关网页了。
:但是根据前端登陆用户的role不同,authorization也不同,来决定脚本
前面我的糊涂意识得不到解答,要理解这个很有难度啊
谢谢,我去看看 |
|
|
a*****1
发帖数: 11 | 15
username
no, you can NOT put user/pswd in .htaccess
If you use only basic authentication, you generally
want to use 'htpasswd' to generate user/pswd pairs and put
the user/pswd file in a safe place, like your ServerRoot.
and then write down something in .htaccess of your local
directory or the corresponding | section
in httpd.conf, like
AuthType Basic
AuthName "passwd protection"
AuthUserFile /etc/apache2/ht_user_pswd_file
Require valid-user
You can "Require |
|
w*****s
发帖数: 122 | 16 How do I send the correct MIME/HTTP headers using Apache .htaccess files? (Not
finished)
If you are using a recent version of the Apache server, then
your Webmaster must give you "AllowOverride FileInfo"
permission. Then you can put a file called .htaccess in
any directory. (Note that in MIME terminology, "encoding" means
"compression". In the XML encoding header, "encoding" means "
coded character set") Here is a line that may be useful--
DefaultLanguage zh
AddType application/xml XML xml
Why i |
|
|
g*******a
发帖数: 31586 | 18 【 以下文字转载自 NewYork 讨论区 】
发信人: gogopanda (Never Give UP), 信区: NewYork
标 题: 请教一下 有会用WORDPRESS的朋友吗 请教一下
发信站: BBS 未名空间站 (Mon Jan 17 21:46:06 2011, 美东)
我一去更改那个
Permalink Settings
就显示出错
Not Acceptable
An appropriate representation of the requested resource /wp-admin/options-
permalink.php could not be found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an
ErrorDocument to handle the request.
我去改了htaccess这文件后 也不行
最后把WP删了重安装一次
还是不行。。!!!!
我确认我改了MYSQL里的语言字符成国际通用码了... 阅读全帖 |
|
f***o
发帖数: 2514 | 19 一直用STARTLOGIC, 最近他们慢的实在不象话,准备换一个.
有什么好的可以用?YAHOO好象不行, 改不了php.ini里面的register_globals, 也不让.
htaccess. |
|
I*****y
发帖数: 6402 | 20 cloak url. See my website www.dealspiggy.com
如果link不多,也可以通过apache的.htaccess来实现
hehe |
|
|
|
l***y
发帖数: 4671 | 23 设了个 WAMP,装 drupal 时,为啥每次地址栏都自动变成: http://my.web.site/install.php
然后内容是 install.php 的内容涅?貌似 index.php 被执行了,但 install.php 出问题了?为啥 drupal 的安装界面不出现涅?。。。
在 httpd.conf 里俺设了:
DirectoryIndex index.html index.php
在 .htaccess 里是 drupal 自己设的
# Set the default handler.
DirectoryIndex index.php index.html index.htm
版本是:drupal 7.10, apache 2.2, php 5.3 VC 9, mySQL 5.2, Windows XP |
|
t****r
发帖数: 106 | 24 UNIX下(web),我看不少就是用.htaccess 和 .htpasswd好像就行了
,不过试了试没成功。不知应该怎么用?请指教 |
|
m*****e
发帖数: 4193 | 25 Sometimes you need to change the apache configuration, especially
the AllowOverride directive. If it's set to None then probably
you won't be able to use .htaccess. Check the apache FAQ online. |
|
m*****e
发帖数: 4193 | 26 来自主题: BuildingWeb版 - help .htaccess |
|
g*****e
发帖数: 6 | 27 I want to password my directory in a unix system. I put
.htaccess file under the directory, then use htpasswd
program to set up users and passwords. The syntax taught on
some books is as follows:
htpasswd -c filename username
But when I use it accordingly, I got wrong messages. Here
are some help the htpasswd program gives:
Usage:
htpasswd help help on Usage.
htpasswd version display version
htpasswd [-i -h ] [-p] -r
-u
htpasswd [-i |
|
|
d******i
发帖数: 448 | 29 网页中如果log in需要输loginname/password才能进入
(用perl编的,并非通过设置apache中的.htaccess来实现)
那么logoff按钮应该怎么做才能彻底logoff呢?
(也就是用Browser上的back按钮回不去的那种)
Maybe it's a stupid question.
But I just don't know. :( |
|
s**********i
发帖数: 711 | 30 来自主题: BuildingWeb版 - 浏揽协议 set .htaccess file in that directory. |
|
s**o
发帖数: 584 | 31 if the host machine is linux or unix, you can use .htaccess |
|
b*******n
发帖数: 105 | 32 .htaccess won't work on NT server.Using filename of .html page as password is
doable(as suggested by other posts). But i dont really feel comfortable with
it.I just wonder whether there are other 'better' ways to achieve this.Anybody
can help me out?Thanks. |
|
y****i
发帖数: 5690 | 33 【 以下文字转载自 Security 讨论区 】
【 原文由 yongqi 所发表 】
using .htaccess and .htpasswd for protected www directory. It will prompt for
username and passwd once and the next time enters it, it will not ask for
username/pass again.
Delete files/cookies/cache doesn't help. How can I make it ask for
username/passwd every time that directory is accessed?
Thanks! |
|
m**c
发帖数: 90 | 34
Depends which web server you are using, if you are using IIS, you can turn off
"anonymous" access (default is on) and use either "basic authentication" (for
Netscape/Mozilla users) or "NT authentication". If you are using Apache, you
need add ".htaccess" to the directory you want to protect, and you also need
to create a password file using "htpasswd" (check apache manual). |
|
c***r
发帖数: 4631 | 35
could someone passed level 15 give me some hit? how can I get his .htaccess
file? |
|
j*****o
发帖数: 320 | 36 在webroot/images/下有一堆JPG文件,命名都很规则:
webroot/imgaes/folderA/folderA001.JPG
webroot/imgaes/folderA/folderA002.JPG
...
webroot/imgaes/folderA/folderA00n.JPG
...
webroot/imgaes/folderB/folderB001.JPG
webroot/imgaes/folderB/folderB002.JPG
...
文件名字,路径和存取权限都在数据库里面,让PHP调用。当图片
在网页上显示的时候,根据 就能看见图片名和路径。
现在需要防止未授权用户根据已有的文件路径猜测图片名和路径。
已知的办法是用Javascript加密HTML,但不是上上之选。最好也不用
Flash/Java Applet, 不要存图像到数据库里,也不要用Apache
的htaccess。
有什么别的办法么?谢谢。 |
|
|
|
R***r
发帖数: 322 | 39 usually if you created .htaccess file
with line
Options -Indexes
It should work (assuming the unix is using apache and is configured in a
regular way)
date, |
|
c***c
发帖数: 21374 | 40 就是最后生成的页面是静态的htm
我现在都是用apace的rewrite,在htaccess里面规定rewrite rule
但是觉得这样似乎总是还不是真正的动态网页静态发布
不过就是这样,通过日志分析都可以发现搜索引擎对这个“伪”静态页面已经spider
好几次了,比以前php后面带一堆参数的时候强
我在sf上面找了一下,好像没合适的content management system是将页面以静态htm
形式发送的,是不是我找到不对头?
另外,似乎搜索引擎对于html文件名也比较关注。我做过试验,完全一样的两个页面,
一个页面是以1234.htm这样命名,一个是按照page_topic.htm这样命名,后首先被
搜索引擎录入
因此,最好这种静态页面发布的cms可以将文件名自动命名为
page_title_publish_date.htm
因为一个页面的title自然是和页面的topic相关的,呵呵,除非乱起title |
|
g******d
发帖数: 157 | 41 reseller hosting也就是你说的代理,有点想零售商。
比如一次性卖给你2G的空间和30G的月流量,你可以自由
把这些资源化成小块零售给别人。你不用担心服务器
的安全和服务器方面的技术支持。但是你得做客户方面的
客户支持。
如果你自己网站多的化最好弄一个reseller accounnt,
原因是很多hosting plan, 比如ipowerweb的800M
空间,扑通网站根本用不完,但是那个空间你没有办法
细分到各个域名(熟悉.htaccess的也许可以自己做,但是
还是不专业)。如果你有800M的reseller account,
你可以分成10个plan或者更多。
俺有20个域名闲置不用,全都给分了2M的空间,呵呵,
加上一页内容和连向我其他网站的热链接,应该可以
提高PageRank.
很多大的 hosting 公司都同时提供reseller
account. |
|
|
|
f**u
发帖数: 559 | 44 I will give a try tonight.
I checked Options Indexes
"If a URL which maps to a directory is requested, and the there is no
DirectoryIndex (e.g., index.html) in that directory, then the server will
return a formatted listing of the directory."
I wish it works with .htaccess foward feature.
thanks.fufu |
|
k***g
发帖数: 7244 | 45 呵呵,不好意思,没有及时回你的信。 实现clean url需要.htaccess支持modRewr
ite. 大致的语法如下(根据你的网站更改)
RewriteEngine on
在这里用 RewriteCond 来编写你的rewrite规则,这个规则的详细解释可以在网上
google到。
如果想实现tag功能或是 folksnomy 估计你还是需要重写你的系统,或者借用 现成
的 CMS,嘿嘿,俺还是推荐Drupal:),但让MT,Mambo什么的也不错 |
|
|
t******g
发帖数: 10390 | 47 还是你说的不明白。
比如那个pdf,是别人只能在线阅读但是不能另存?
还是只是能看到连接,但点击下载的话要密码?
后者的我能想到如何实现,
比如放到一个带.htaccess的目录下就行。
前者我不知道。 |
|
m**********e
发帖数: 12525 | 48 两种方法,一种你把这个文件放子目录下面,用.htaccess控制访问
还有如果不放子目录的话,就得用SSI控制访问,具体就比较复杂了.
至于各位说的pdf加密什么的,不可取,因为pdf的access 密码几秒
钟就能破解了.
以
以 |
|
l********r
发帖数: 140 | 49 5555....
I use GoDaddy's web host. They only provide shell access to higher paid plans,
not the cheapest plan. :-(
About phpMyAdmin, I only see "export", no "import". Is that because my host
provider disabled it? My feeling is that GoDaddy's host is cheap but quite bad
, even disable all the htaccess settings for end user. :-(
Thanks anyway.
再 |
|
t*****t
发帖数: 72 | 50 如果一个网站的访问量比较大,如何协调 httpd.conf 和 .htaccess 的任务?大网站会
不会经常 restart?多谢。。 |
|
