468,278 Members | 1,565 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,278 developers. It's quick & easy.

scheme for access control

Hi,

Based on some info on this newsgroup, I'm trying to password protect a
directory of both PHP, HTML, and image files. The web server is Apache
2 and PHP is 4.4.4. I created this .htaccess file

RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} !^accesscontrol.php
RewriteRule ^(.*?)$ accesscontrol.php?file=$i&%{QUERY_STRING} [NC,L]

and then, just to check to make sure requests were hitting hte
accesscontrol.php file, I created accesscontrol.php to look like below
....

<?php

header('HTTP/1.0 401 Unauthorized');
exit;

?>

so theoretically, every request should result in a 401. However, when
I visit a page in the directory where this stuff is stored, I can view
the page just fine. Why is the above failing to filter my requests?

Thanks, - Dave

Oct 26 '06 #1
4 1177
Rik
la***********@zipmail.com wrote:
Hi,

Based on some info on this newsgroup, I'm trying to password protect a
directory of both PHP, HTML, and image files. The web server is
Apache 2 and PHP is 4.4.4. I created this .htaccess file

RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} !^accesscontrol.php
RewriteRule ^(.*?)$ accesscontrol.php?file=$i&%{QUERY_STRING} [NC,L]
Hey, I know that code from somewhere :-)

It works here, be sure to start you're .htaccess with:
RewriteEngine On

Ans that mod_rewrite is offcourse enabled etc.

And this:
RewriteCond %{REQUEST_FILENAME} !^accesscontrol.php
should be:
RewriteCond %{REQUEST_FILENAME} !^accesscontrol\.php
--
Rik Wasmus
Oct 26 '06 #2
You're the man, Rik. You wouldn't happen to know how to enable the
mod_rewrite module in Apache 2's httpd.conf file, would you?

Thanks, - Dave

Rik wrote:
la***********@zipmail.com wrote:
Hi,

Based on some info on this newsgroup, I'm trying to password protect a
directory of both PHP, HTML, and image files. The web server is
Apache 2 and PHP is 4.4.4. I created this .htaccess file

RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} !^accesscontrol.php
RewriteRule ^(.*?)$ accesscontrol.php?file=$i&%{QUERY_STRING} [NC,L]

Hey, I know that code from somewhere :-)

It works here, be sure to start you're .htaccess with:
RewriteEngine On

Ans that mod_rewrite is offcourse enabled etc.

And this:
RewriteCond %{REQUEST_FILENAME} !^accesscontrol.php
should be:
RewriteCond %{REQUEST_FILENAME} !^accesscontrol\.php
--
Rik Wasmus
Oct 26 '06 #3
Rik
la***********@zipmail.com wrote:
You're the man, Rik. You wouldn't happen to know how to enable the
mod_rewrite module in Apache 2's httpd.conf file, would you?
Normally it's there, just remove the ';' in front of it.
--
Rik Wasmus
Oct 26 '06 #4
Rik wrote:
la***********@zipmail.com wrote:
>Hi,

Based on some info on this newsgroup, I'm trying to password protect a
directory of both PHP, HTML, and image files. The web server is
Apache 2 and PHP is 4.4.4. I created this .htaccess file

RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} !^accesscontrol.php
RewriteRule ^(.*?)$ accesscontrol.php?file=$i&%{QUERY_STRING} [NC,L]

Hey, I know that code from somewhere :-)

It works here, be sure to start you're .htaccess with:
RewriteEngine On

Ans that mod_rewrite is offcourse enabled etc.

And this:
RewriteCond %{REQUEST_FILENAME} !^accesscontrol.php
should be:
RewriteCond %{REQUEST_FILENAME} !^accesscontrol\.php
This looks to me like a much more complicated solution than using
mod_auth_external.

Colin
Oct 29 '06 #5

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

699 posts views Thread by mike420 | last post: by
reply views Thread by Philippe Poulard | last post: by
6 posts views Thread by James Owens | last post: by
16 posts views Thread by Patty O'Dors | last post: by
1 post views Thread by rdemyan via AccessMonster.com | last post: by
1 post views Thread by Robby Findler | last post: by
7 posts views Thread by laredotornado | last post: by
reply views Thread by NPC403 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.