Page 1 of 1

1.6.1 htdocs/xampp/sqlite/.htaccess

PostPosted: 07. May 2007 19:44
by Dave_L
[XAMPP 1.6.1 for linux]

The file /opt/lampp/htdocs/xampp/sqlite/.htaccess contains:

Code: Select all
# nobody should be able to access this directory by http (oswald, 31oct03)
AuthName "impossible"
AuthType Basic
require valid-user

That .htaccess file does not prevent access to the directory. I suggest changing it to:

Code: Select all
# This folder does not require access over HTTP
# (the following directive denies access by default)
Order allow,deny

PostPosted: 08. May 2007 01:49
by Dave_L
I just noticed the XAMPP bug tracker, and reposted there:

Is the bug tracker still the preferred place to post stuff like this?

PostPosted: 08. May 2007 07:03
by Kristian Marcroft
Hi Dave,

if you actually want to restrict access the "Order" should always be "deny, allow".
Yes the bug tracker is the prefered way for bug reporting.


PostPosted: 08. May 2007 10:31
by Dave_L
Thanks. I've never fully understood the Order directive. I copied that example from /opt/lampp/phpmyadmin/libraries/.htaccess.

I've also used "Deny from all" without an Order directive, and it seems to work too.

PostPosted: 08. May 2007 13:40
by Wiedmann
Dave_L wrote:Order allow,deny

That's also correct.

A "Order Allow,Deny" without any following "Allow" or "Deny" directive, denies the access for all.

On the other side a "Order Deny,Allow" without any following "Allow" or "Deny" directive , allows the access for all.