Re: how to prevent reading of xml file from browser under a particular directory on FC5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 2007-02-10 at 18:16 +0530, ankush grover wrote:
> I have configured a HelpDesk Ticketing System on Fedora Core 5. The
> problem I am facing is that there is a file called "site.xml" which
> contains the information about database connections and I don't want
> ppl to be able to read that file through browser. As per the
> readme.htm of that software if the below entries will be put
> in .htaccess then nobody can read the xml through browser.
> 
> <Files ~ ".xml">

Looking at the Apache manual, you might want to write that as:
  <Files ~ "\.xml$">

Escaping the dot, as the dot is part of wildcarding, and you want the
dot to be treated as a dot.  And the $ signifies that the filename ends
at that point, so you wouldn't mismatch on something that didn't end
with ".xml" (e.g. accidentxml).

Yours would deny access to a file named somethingxmlwhatever, whereas my
more specific wildcarding does not.

>   Order allow,deny
>   Deny from all
>   Satisfy All
> </Files>
> 
> 
> Even though the above entries are there in .htaccess still I am able
> to read "site.xml" file. How do I prevent the reading of this file ?

AllowOveride needs to be allowed, to make use of .htaccess files.  Is
that set in the main configuration?  Perhaps as "AllowOverride Limit".
What you provided, worked on my Apache, as it already was (as mine is
set).  It also worked with the modification I suggested.

What about turning off the world-readable protection bit?  That'd work
if the file was owned by whatever does need to be able to read the file.

Key question:  Why's a file that's not meant to be served in a directory
for files to be served.

-- 
(This PC runs FC4, my others FC5 & FC6, in case that's important
 to the thread)

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux