Visit Our UNIX and Linux User Community


Deny access from all users, except PHP application installed in same domain


 
Thread Tools Search this Thread
Top Forums Web Development Deny access from all users, except PHP application installed in same domain
# 1  
Old 11-10-2010
Deny access from all users, except PHP application installed in same domain


Hi to all,

Please, some help over here. IŽll try to be as much clear I can.

In summary my problem is:
I have a PHP application installed in a folder of my domain that reads CSV.txt files from
another folder in my domain and I need to restrict direct access to see and download these CSV.txt
files for all users through web browsers, except for the PHP application.

In more detail the scenario is:
- I have mydomain.com working with a CMS normally.
- I created a folder within mydomain.com-->mydomain/myfolder/
- Whithin this folder I installed a PHP application that runs independently of the CMS
application installed in mydomain.com
- This PHP application installed in mydomain/myfolder/ get products from CSV files to load into a MySQL DB.
- This products are stored in /public_html/products-to-show/recents/
- The PHP application runs a cron link to refresh the products data base.
- The refresh link used by cron job is the URL of the folder /public_html/products-to-show/recents/ in this case is
http://www.mydomain.com/products-to-show/recents/ (and can be accessed by any user)
- The link used by cron must be a URL because If I use a folder outside public_html, (e.g. /public_ftp/products/) I can`t
say to the PHP application how to reach that path.


If I restrict privileges from folder with user and password, I receive a fopen() error in my
PHP application execution, and for my little knowledge of PHP is very dificult for me to modify
any file of the PHP application without affecting the normal behaviour of the script.

I`ve tried putting a .htacces file within /public_html/products-to-show/recents/ containing the following
lines of code.

Code:
/public_html/products-to-show/recents/.htaccess
# Restricting access to users
#Order allow,deny
#deny from all



This .htacces effectively restricts direct URL access for all users through web browsers showing a 403 error (nice!),
but it restricting the access to my PHP appliaction either (too bad) when I expected the opposite because is an access
from the same IP and the same domain where my PHP application resides.

May please someone help me out to solve this issue I have?


Any help would be very appreciated.

Best regards.


---------- Post updated 10-11-10 at 12:45 AM ---------- Previous update was 09-11-10 at 01:28 AM ----------

Well, I come back answer my own question Smilie, after searching and searching with a really easy solution, I was only needing to add one more line of code in .htaccess file.

Code:
#Deny access for all users (all IPs), except the same domain IP
Order allow,deny
deny from all
allow from xxx.xxx.xxx.xxx
ErrorDocument 403 /403.html

Looks very easy when we know what we have to do. After viewing some .htacccess programming, I get with the solution I was looking for.

Thanks.

Best regards.

Last edited by cgkmal; 11-09-2010 at 03:38 AM.. Reason: for more friendly reading

Previous Thread | Next Thread
Test Your Knowledge in Computers #39
Difficulty: Easy
IC chips for computer systems are usually made of silicone.
True or False?

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Bash find version of an installed application but if none is found set variable to App Not Installed

Hello Forum, I'm issuing a one line bash command to look for the version of an installed application and saving the result to a variable like so: APP=application --version But if the application is not installed I want to return to my variable that the Application is not installed. So I'm... (2 Replies)
Discussion started by: greavette
2 Replies

2. AIX

Username and installed application on AIX.

Hi, I am looking to get a list of applications and corresponding user who installed the same (owner) on AIX host. Can anyone confirm how can this information be retrieved? We can use "rpm" to get list of packages available on AIX, but is there a way to get the corresponding user as well for... (2 Replies)
Discussion started by: Vipin Batra
2 Replies

3. HP-UX

List of installed application on HP-UX

Hi All, I am trying to list down all the installed application/packages on hp-ux machine in below format : packagename:<application/package name> ; <application/package version> ; <application/package vendor> can someone suggest with small script for this.Will swlist command give... (4 Replies)
Discussion started by: omkar.jadhav
4 Replies

4. Solaris

samba read write access to owner and no access to other users

Hi All, I want to configure samba share permission so that only directory creator/owner has a read and write permission and other users should not have any read/write access to that folder.Will that be possible and how can this be achieved within samba configuration. Regards, Sahil (1 Reply)
Discussion started by: sahil_shine
1 Replies

5. Emergency UNIX and Linux Support

Configure Squid to use LDAP group auth to deny internet access

Hi all We have squid-2.5.STABLE11-3.FC4 running in our environment. LDAP authentication works fine. Active Directory 2003 Users are prompted to enter credentials every time they access the net. The system works perfectly, but I need to configure Squid to block users in a specific AD group.... (1 Reply)
Discussion started by: wbdevilliers
1 Replies

6. Red Hat

Giving access to non root users to run application

Hi All, I have created an RPM installer and installed it via ROOT user & which works fine on Red Hat. But the problem oocurs when a non root users try to run that application (from their account), it never got executed (being it has the execute permission i.e. chmod a+x somefile.sh). I want... (6 Replies)
Discussion started by: jw_amp
6 Replies

7. AIX

Does ACL can only grant/deny access for specific command?

Dear AIX/UNIX experts: I have a demand to restricted a file to be copy by others, but this file must can be read by others/Applications. As I tried, the chmod command cannot fulfill this requirement. But not sure if the ACL can achieve this function or not ? Could anybody give me your... (8 Replies)
Discussion started by: devyfong
8 Replies

8. UNIX for Dummies Questions & Answers

kernel giving access for multiple users to access files

hi all, i want to know y kernel is giving access for multiple users to access a file when one user may be the owner is executing that file. Because other user can manipulate that file when the other user is executing that file, it will give the unexpected result to owner . plz help me... (1 Reply)
Discussion started by: jimmyuk
1 Replies

9. Shell Programming and Scripting

how i can make one ip access to ftp account and deny others

HI I want to make only one IP can access to ftp acount in cpanel or by shell can any body help me ? (1 Reply)
Discussion started by: elkadrey
1 Replies

10. Solaris

how to deny ftp access

Hi , I want to deny ftp access to some user. Currently I don't have /etc/ftpusers file. From the man page , i can modify the login shell at /etc/passwd to invalid one. How to add it ? replaced with /dev/null or something. If you have any other method to disabled it . Pls show me. My FTP is... (10 Replies)
Discussion started by: skully
10 Replies

Featured Tech Videos