Spring cleaning time ...
I have a number of older dynamically built sites that are still using .htaccess
to limit access to areas that only PHP needs to read. This is the simply way of
doing things, but I am looking to current practice, and the performance hit may
well be something I need to be concerned about?
What is the tidiest way to limit access via the <Directory> entry ( or do I need
multiple entries? ) so that people can download content in the storage area, but
only access the functions (PHP pages) in the various packages?
Each package has it's own directory under root, and some packages are only using
'internally', but despite having some directories specifically blocked in the
robots.txt file, they are still being trawled by search engines and I think I
need to restore the .htaccess set-up in each?
Basically should I just 'deny all' on route and then open holes to the bits that
need to be visible? The storage directory is easy, and .php in the accessible
packages, but it's the .js, .css, icons and style elements that seem confusing.
In practice, the basic structure of the project may be wrong for the way Apache
now expects to work, but keeping everything related to a bundle like 'wiki' in
one directory allows a modular approach which IS working well otherwise.
--
Lester Caine - G8HFL
-----------------------------
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk//
Firebird - http://www.firebirdsql.org/index.php
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
