Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: .htaccess allow at directory level
Top Forums Web Development .htaccess allow at directory level Post 302738083 by molwiko on Friday 30th of November 2012 10:19:40 AM
Old 11-30-2012
Wrench .htaccess allow at directory level
Hi Guys

I have a web a site at the following directory
/var/www/
the website is containing a lot of sub directories.
/var/www/mywebsite/folder1
/var/www/mywebsite/folder2
/var/www/mywebsite/folder3
I would like to block all the website expect one user ex: user1 password1
who can see everything and another user who can see only folder2 ex: user2 password1

Code:
AuthType Basic
AuthName htaccess
AuthUserFile /var/www/.secret
AuthGroupFile /dev/null
#<Limit GET POST>
#order deny,allow
#deny from all
#require user Loylogic
#require user Ates
#</Limit>
require user user1
SetEnvIf Request_URI "(/var/www/mywebsite)$" allow
Order allow,deny
Allow from env=allow
Satisfy any
require user user2
SetEnvIf Request_URI "(/var/www/mywebsite/folder1)$" allow
Order allow,deny
Allow from env=allow
Satisfy any

the issue this code doesn't work can you please help to sort to this our thanks
Last edited by Corona688; 11-30-2012 at 11:30 AM..
 

9 More Discussions You Might Find Interesting

1. Cybersecurity

htaccess

Something is wrong. I do everything right make the .htaccess file and stuff, but when I try the htpasswd command it says command not found. I use Putty SSH client and I think server is running RedHat 7.1 with Apache some version. HELP!!! (1 Reply)
Discussion started by: _hp_
1 Replies

2. UNIX for Advanced & Expert Users

MV files from one directory structure(multiple level) to other directory structure

Hi, I am trying to write a script that will move all the files from source directory structure(multiple levels might exist) to destination directory structure. If a sub folder is source doesnot exist in destination then I have to skip and goto next level. I also need to delete the files in... (4 Replies)
Discussion started by: srmadab
4 Replies

3. Shell Programming and Scripting

How to exclude top level directory with find?

I'm using bash on cygwin/windows. I'm trying to use find and exclude the directory /cygdrive/c/System\ Volume\ Information. When I try to use the command below I get the error "rm: cannot remove `/cygdrive/c/System Volume Information': Is a directory. Can someone tell me what I am doing... (3 Replies)
Discussion started by: siegfried
3 Replies

4. Solaris

Difference between run level & init level

what are the major Difference Between run level & init level (2 Replies)
Discussion started by: rajaramrnb
2 Replies

5. Shell Programming and Scripting

How to parse filename and one level up directory name?

Hello Experts, I need little help with parsing. I want to parse filename and one level up directory name. sample $1 will consists of /home/username/ABC1/rstfiles4.log /home/username/ABC4/rstfiles2.log /home/username/EDC7/rstfiles23.log /home/username/EDC6/rstfiles55.log... (8 Replies)
Discussion started by: Shirisha
8 Replies

6. UNIX for Dummies Questions & Answers

Redirect with htaccess to upper level folder, how to?

Hello, Well I have a web with a very bad structure (a vBulletin forum) and I want it redirected to a newer folder in the same server but with a upper level folder. Current structure is: https://www.unix.com/vbulletin/upload/index.php And I want it to be:... (0 Replies)
Discussion started by: Rafaweb
0 Replies

7. Shell Programming and Scripting

How to get top level parent directory

Hi All, I have a directory like this: /u01/app/oracle/11gSE1/11gR203 How do i get the top level directory /u01 from this? Tried dirname and basename but dint help. I can this using echo $ORACLE_HOME | awk -F"/" '{print "/"$2}'. But I am trying to find out if there is a better way of doing it... (4 Replies)
Discussion started by: nilayasundar
4 Replies

8. Red Hat

SSL certificate generation on OS level or application level

We have a RHEL 5.8 server at the production level and we have a Java application on this server. I know of the SSL certificate generation at the OS (RHEL) level but it is implemented on the Java application by our development team using the Java keytool. My doubt is that is the SSL generation can... (3 Replies)
Discussion started by: RHCE
3 Replies

9. UNIX for Beginners Questions & Answers

Move all files one directory level up

I want to move all the files in a given directory up one level. For example: Dir1 Subdir1 I want to move all the files in Subdir1 up to Dir1 (then I want to ultimately delete Subdir1) Thanks, Ted (10 Replies)
Discussion started by: ftrobaugh
10 Replies

LEARN ABOUT REDHAT

upsset.conf

UPSSET.CONF(5)						      Network UPS Tools (NUT)						    UPSSET.CONF(5)

NAME

       upsset.conf - Configuration for Network UPS Tools upsset.cgi

DESCRIPTION

       This  file  only  does  one  job - it lets you convince upsset.cgi(8) that your system's CGI directory is secure.  The program will not run
       until this file has been properly defined.

SECURITY REQUIREMENTS

       upsset.cgi(8) allows you to try login name and password combinations.  There is no rate limiting, as the program shuts down  between  every
       request.  Such is the nature of CGI programs.

       Normally,  attackers would not be able to access your upsd(8) server directly as it would be protected by the ACCESS/ACL directives in your
       upsd.conf(5) file and hopefully local firewall settings in your OS.

       Since upsset runs on your web server, it could provide a passage from the outside to the inside,  bypassing  any  firewall  rules  or  upsd
       access control limitations, since it appears to be coming from the web server.  This is why you must secure it first.

       On  Apache,  you can use the .htaccess file or put the directives in your httpd.conf.  It looks something like this, assuming the .htaccess
       method:

		   <Files upsset.cgi>
		   deny from all
		   allow from your.network.addresses
		   </Files>

       You will probably have to set "AllowOverride Limit" for this directory in your server-level configuration file as well.

       If this doesn't make sense, then stop reading and leave this program alone.  It's not something you absolutely need to have anyway.

       Assuming you have all this done, and it actually works (test it!), then you may add the following directive to this file:

	    I_HAVE_SECURED_MY_CGI_DIRECTORY

       If you lie to the program and someone beats on your upsd through your web server, don't blame me.

SEE ALSO

       upsset.cgi(8)

   Internet resources:
       The NUT (Network UPS Tools) home page: http://www.exploits.org/nut/

       NUT mailing list archives and information: http://lists.exploits.org/

								  Tue Jul 30 2002						    UPSSET.CONF(5)
All times are GMT -4. The time now is 07:09 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy