Table of Contents
Introduction
Information Tags
String Tags
Variable Tags
URL Tags
If Tags
Graphics Tags
Database Tags
Programming Tags
Supports System
SSI
htaccess
Image Maps
Appendix
|
.htaccess
A .htaccess file consists of lines containing
directives. Apart from the Limit; directive, all
directives have the form
directive argument(s)
where argument(s) is one or more arguments. The
directives supported are:
- AuthUserFile
-
Use this user and password file to authentificate users. Typically,
the AuthUserFile is called .htpasswd
- AuthGroupFile
-
Use this group file, which contains a database of which groups users
are member of. Typically, the AuthGroupFile is called
.htgroup, if used.
- AuthName
-
Set the authentication realm, which can be any name you choose. The
name will be used to tell browsers how to label user
authentications within a session, so that the browsers can
automatically repeat passwords the user has already entered when
accessing new pages with the same access requirements.
- Redirect
-
Redirect all accesses for pages in the directory to this URL.
- ErrorFile
-
Show this page in case the requested page could not be found, maybe
because the user did not have permission to view it.
Then there is the <Limit> container tag. The
attributes are the HTTP method(s) that access should be limited
to, GET, PUT, POST or HEAD. The contents
of the tag are access control directives, one directive on each
line. Possible directives are:
- allow from address
deny from address -
Allow or deny access to users from a DNS domain or IP
number. www.roxen.com means the computer while
.roxen.com means all computers on the domain
roxen.com. The same way 194.52.202.3 means the
computer while 194.52. means the net starting with
194.52
- require user user(s)
require group group(s) -
Allow access only for the named user(s) or group(s).
- require valid-user
-
Allow access to any user present in the AuthUserFile or
Authentification module.
- satisfy all
satisfy any -
Decide what happens if both require and allow rules are
present; all indicates that the user must satisfy both kinds of
requirements, while any means that it is enough that the user
satisfies either kind.
- order deny,allow
order allow,deny
order mutual-failure -
The order rules decides how to prioritize deny and allow rules.
If the order is set to deny,allow, deny rules will be processed
before allow rules. With allow,deny, allows will be processed
before denies, and with mutual-failure, hosts allowed by any
allow rule will be allowed, and other hosts
denied. Deny,allow is the default.
The rule evaluation does not stop until all rules have been
processed, so the earlier a rule is processed, the lower priority is
has in determining access. This only matters when different rules
contradict each other, for instance when a wide-ranging deny rule
forbids access to a certain domain, and an allow grants access to a
smaller part of the domain.
Example
A typical .htaccess file would look something like
this:
AuthUserFile /home/frotz/.htpasswd
AuthGroupFile /home/frotz/.htgroup
AuthName MyTestDomain
AuthType Basic
<Limit PUT HOST HEAD>
require user frotz
</Limit>
<Limit GET>
allow from all
</Limit>
The .htaccess file above would allow everyone to GET
documents in the directory, but all other kinds of access would be
restricted to the user frotz, and expect this user to login with the
password listed for that user in the .htpasswd file in the
user frotz's home directory.
|