On Sat, 2007-02-10 at 18:16 +0530, ankush grover wrote:
> I have configured a HelpDesk Ticketing System on Fedora Core 5. The
> problem I am facing is that there is a file called "site.xml" which
> contains the information about database connections and I don't want
> ppl to be able to read that file through browser. As per the
> readme.htm of that software if the below entries will be put
> in .htaccess then nobody can read the xml through browser.
>
> <Files ~ ".xml">

Looking at the Apache manual, you might want to write that as:

<Files ~ "\.xml$">

Escaping the dot, as the dot is part of wildcarding, and you want the
dot to be treated as a dot. And the $ signifies that the filename ends
at that point, so you wouldn't mismatch on something that didn't end
with ".xml" (e.g. accidentxml).

Yours would deny access to a file named somethingxmlwhatever, whereas
my more specific wildcarding does not.

> Order allow,deny
> Deny from all
> Satisfy All
> </Files>
>
>
> Even though the above entries are there in .htaccess still I am able
> to read "site.xml" file. How do I prevent the reading of this file ?

AllowOverride needs to be allowed, to make use of .htaccess files. Is
that set in the main configuration? Perhaps as "AllowOverride Limit".

What you provided, worked on my Apache, as it already was (as mine is
set). It also worked with the modification I suggested.

What about turning off the world-readable protection bit? That'd work
if the file was owned by whatever does need to be able to read the
file.

Key question: Why's a file that's not meant to be served in a
directory for files to be served?

-- 
(This PC runs FC4, my others FC5 & FC6, in case that's important to the
thread)

Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.
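
The pattern difference discussed in the reply above, as an added example that is not part of the original message: a small Python check that extracts the `<Files ~ "...">` regexes from .htaccess text and reports which file names each one covers. The helper names and the sample file list are constructed for illustration, and Python's `re.search` stands in for Apache's unanchored regex match, an assumption that holds for these simple patterns.

```python
import re

# Openers of regex-based sections: <Files ~ "regex"> or <FilesMatch "regex">.
SECTION = re.compile(r'<\s*(?:Files\s+~|FilesMatch)\s+"([^"]+)"\s*>', re.IGNORECASE)

# Constructed .htaccess bodies: the one from the question and the suggested fix.
ORIGINAL = '<Files ~ ".xml">\nOrder allow,deny\nDeny from all\nSatisfy All\n</Files>\n'
SUGGESTED = ORIGINAL.replace('".xml"', r'"\.xml$"')

# Constructed file names in the served directory (two taken from the thread).
NAMES = ["site.xml", "accidentxml", "somethingxmlwhatever", "index.php", "readme.htm"]


def files_patterns(htaccess_text):
    """Return the regex strings used by Files ~ / FilesMatch sections."""
    return SECTION.findall(htaccess_text)


def covered(pattern, names):
    """Names the section applies to; the regex may match anywhere in the name."""
    rx = re.compile(pattern)
    return [n for n in names if rx.search(n)]


def audit(htaccess_text, names, suffix=".xml"):
    """Per pattern: names ending in `suffix` that are missed, and other names hit."""
    intended = {n for n in names if n.endswith(suffix)}
    report = {}
    for pat in files_patterns(htaccess_text):
        hit = set(covered(pat, names))
        report[pat] = {
            "missed": sorted(intended - hit),  # should be denied but is not
            "extra": sorted(hit - intended),   # denied although not a .xml file
        }
    return report


if __name__ == "__main__":
    for label, text in (("original", ORIGINAL), ("suggested", SUGGESTED)):
        for pat, result in audit(text, NAMES).items():
            print(f"{label:9} {pat!r:10} covers={covered(pat, NAMES)} {result}")
```
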