Limiting web access to several directories

Problems with the Windows version of XAMPP, questions, comments, and anything related.

Limiting web access to several directories

Postby Dave_L » 04. September 2007 18:38

I've added the following to httpd.conf to block web access (password-protect) the directories and files that XAMPP creates, so that only the directories I create are publicly accessible:

Code: Select all
<Directory ~ "C:/xampp/htdocs/(contrib|forbidden|modperl|modperlasp|restricted|xampp)">
AuthName "Restricted"
AuthType Basic
AuthUserFile "C:\xampp\security\xampp.users"
Require valid-user
</Directory>

<Directory "C:/xampp/htdocs">
<Files ~ "apache">
AuthName "Restricted"
AuthType Basic
AuthUserFile "C:\xampp\security\xampp.users"
Require valid-user
</Files>
</Directory>


Is there a simpler way of doing this? Ideally, I'd like to "negate" a regex pattern, so that I can list the directories I've created, and block access to everything else. But I couldn't figure out a way of doing that with the Apache directives.
User avatar
Dave_L
 
Posts: 212
Joined: 23. October 2004 00:43

Postby ldivinag » 05. September 2007 10:20

well, first dont use the default HTDOCS and all of the sub dirs under it. that is if you are using xampp for a production server.

create a new one just tell apache where it is.

then create .htaccess for any subdir you wanna protect.

then just copy and paste (and then edit the appropriate values):
AuthName "Restricted"
AuthType Basic
AuthUserFile "C:\xampp\security\xampp.users"
Require valid-user


authname = whatever you wanna name it
authuserfile = create this password file using htpasswd. again, this can be anywhere and any filename. just edit this line CAREFULLY or else it wont find the proper password file to authenticate to...
leo d.
User avatar
ldivinag
 
Posts: 40
Joined: 19. April 2006 04:18


Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 49 guests