j.silver Posted November 30, 2016 Share Posted November 30, 2016 Dear all, As you know, an .htaccess file placed in a directory to be affected (protected) is useful in websites hosted in an Appache server to protect such directories from prying eyes. But I have noticed that recommendation is to place such files inside certain directories only, e.g., inside includes and views (that contains home page, shopping cart, listing of products, etc.) directories. I thought we could as well protect all other directories should there be no downside to protecting all. Any thoughts on why we should not include an .htaccess file inside all directories will be appreciated. Link to comment Share on other sites More sharing options...
Ingolme Posted November 30, 2016 Share Posted November 30, 2016 You wouldn't need it inside directories you don't want to protect. The more directories you have, the harder it's going to be to keep track of all your .htaccess files. You could also just have one .htaccess file in the root and use directives to choose which folders and files to protect. Link to comment Share on other sites More sharing options...
j.silver Posted November 30, 2016 Author Share Posted November 30, 2016 Many thanks Ingolme You could also just have one .htaccess file in the root and use directives to choose which folders and files to protect. Which of the two methods (placing it inside the desired directory or your above suggestion) is better in terms of better protection or overall performance of the website or any other reason? Link to comment Share on other sites More sharing options...
Ingolme Posted November 30, 2016 Share Posted November 30, 2016 Both options are exactly the same regarding protection and performance. The method you use depends on which one you find easier to maintain. Do you prefer larger amount of code in one file or small pieces of code in multiple files? Link to comment Share on other sites More sharing options...
j.silver Posted November 30, 2016 Author Share Posted November 30, 2016 Many thanks for your clarification. I have not come across how to do it the way you suggested. I would appreciate sharing any handy reliable source of example of how to do it, or I would just search the web. Link to comment Share on other sites More sharing options...
justsomeguy Posted November 30, 2016 Share Posted November 30, 2016 The Apache project recommends that instead of using .htaccess files, you put all directives in the main server configuration file, so that Apache does not need to scan for and process .htaccess files in every directory when someone requests a file. If you want to put rules for several directories inside one file, you can use location directives to say what each set of rules applies to. .htaccess files will also affect directories below the directory they are in, so it is redundant to put them in every directory unless the settings for each directory are different than their parent. Link to comment Share on other sites More sharing options...
thescientist Posted December 1, 2016 Share Posted December 1, 2016 The Apache project recommends that instead of using .htaccess files, you put all directives in the main server configuration file, so that Apache does not need to scan for and process .htaccess files in every directory when someone requests a file. I would second this. Here is the Apache documentation that is helpful in implementing this through server configuration instead of .htaccess https://httpd.apache.org/docs/trunk/rewrite/avoid.html Link to comment Share on other sites More sharing options...
codeminer Posted December 16, 2017 Share Posted December 16, 2017 (edited) i need help with this also this is the structure apache reads the config file so i read this is the order the directives should be in everything should go between the vitual host tags <VirtualHost *:80> DocumentRoot "C:/xampp/htdocs/example ServerName example.com <Directory /srv/www/example.com/public_html/images> Order Allow,Deny Allow from all Deny 55.1 </Directory> the .htacess is read at the same time as the directory <DirectoryMatch> <Directory ~> <Files> <FilesMatch> <Location> <LocationMatch> im trying to learn this right now this is as far as i have understood so far correct me if im wrong but this all should go inside you httpd-vhost.conf between your <VirtualHost*80>......</VirtualHost> Edited December 16, 2017 by codeminer Link to comment Share on other sites More sharing options...
justsomeguy Posted December 18, 2017 Share Posted December 18, 2017 I'm not sure what you're asking. You should have the virtual host sections defined in the config file, so if you want to change those then find where they are and change them. Link to comment Share on other sites More sharing options...
codeminer Posted December 19, 2017 Share Posted December 19, 2017 (edited) Merry Christmas i hope your doing well . I m try to create a per user dir so each user will be able to create there own music projects. in order to make it work i need to give each member their own directory i have everything built at this point but its all worthless with out each project having there own directories . i been trying to get a grip on its pretty slippery to grasp i have crashed apache so many times . if you have any input on this i would be greatful im not exactly sure where to start i created the virtual host need to understand how to set the user dir = path dont know if i should turn off the doc root once figure that i guess i need to go conf directives turn on the user dir module.so i want to do it right just need to find the beging and deal with each step here is directory structure main folder http login system ? i think i should put the login system outside the main folder and redirect once login users, home, ~username,public_html i have all the files that need to be shared in the the public html directory .need to know how to create the path/ to / files so i can get apache to load new instances of them when called Edited December 19, 2017 by codeminer Link to comment Share on other sites More sharing options...
codeminer Posted December 19, 2017 Share Posted December 19, 2017 i also agree with you the .htacess should go in the main conf file not only is it recomended its also easier to keep trac of Link to comment Share on other sites More sharing options...
kumkum Posted December 25, 2017 Share Posted December 25, 2017 Merry christmas, .htaccess files are a hidden files that are available on server to control the visitors of your website. .htaccess file is a configuration file which first detected and executed by Apache web server. In cpanel you can check the .htaccess file through the file manager. By default .htaccess files are hidden. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now