Re: HTML - Apache Authentication

  • Subject: Re: HTML - Apache Authentication
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Sun, 11 Sep 2005 15:35:32 +0100
  • Newsgroups: comp.infosystems.www.servers.unix
  • Organization: schestowitz.com / MCC / Manchester University
  • References: <GbYTe.26743$FA3.23753@news-server.bigpond.net.au> <dfqv7e$2occ$2@godfrey.mcc.ac.uk> <6sVUe.30200$FA3.29664@news-server.bigpond.net.au>
  • Reply-to: newsgroups@xxxxxxxxxxxxxxx
  • User-agent: KNode/0.7.2
__/ [Justin] on Sunday 11 September 2005 13:30 \__

> "Roy Schestowitz" <newsgroups@xxxxxxxxxxxxxxx> wrote in message
> news:dfqv7e$2occ$2@xxxxxxxxxxxxxxxxxxxx
>> __/ [Justin] on Thursday 08 September 2005 15:49 \__
>>
>>> Hi there,
>>>
>>> Just having a few issues with authentication on my server.
>>> I am trying to apply basic authentication to my root directory, but not
>>> all of the sub-directories. How can I apply authentication to only the
>>> root?
>>>
>>> Anyone got any tips?
>>>
>>> Thanks in advance
>>>
>>> Justin
>>
>> Have you considered using some hard or soft links, re-directing from root
>> directory or relocating its content (transparently) to a subfolder that
>> requires authentication to access? You can deny access to everything in
>> the root directory and shift its public content in a way that does not
>> expose the structure, e.g. URL re-writes...
>>
>> Roy
>
> Hi Roy,
> Sorry to sound ignorant, but how would hard/soft links help?
> 
> There is just one subdirectory that I don't want the authentication to be
> applied to.
> eg) /research <- root directory with basic authentication
>      /research/tests <- subdirectory that I don't want authentication on.
> 
> Is there a way to prevent the authentication I apply to the research
> folder following down to the tests directory too?
> 
> Thanks again
> 
> Jus

Hi Justin,

I used to do something very similar with ~/Research on my domain (almost
everything is public now). To achieve this effect I incorporated an
HTML/JS-based password protection (gateway page). It is not the safest
solution, but if it suits you, read on.

Have a look at the page below:

http://www.schestowitz.com/Research

For historical reasons, it meta-redirects to

http://www.schestowitz.com/res.htm

The crossed-out text is what used to serve as the "I have the password,
please let me in" link. If you follow that link you will be asked for a
pseudo-password, which is in fact the relative URL excluding the suffix.
So, the 'password' is (was) in fact: /Research/resindex

If you allow visitors to access /Research/example, curious ones among them
can ascend one level up to /Research/ and get served index.html (or PHP,
shtml, htm as specified in your Apache settings). To prevent this from
being so 'hackable', assign a mysterious name to the main page, e.g.
barmuda.html, and set index.html to serve some page like:
http://www.schestowitz.com/Research/Notes/ (yes, it is supposed to be
blocked because subdirectories are private)

I urge you to avoid plentiful mentions of names. Particularly, be careful
when mentioning names of your superordinates in public pages. People
ego-surf.

Hope it helps,

Roy

-- 
Roy S. Schestowitz      | /earth: file system full
http://Schestowitz.com  |    SuSE Linux    |     PGP-Key: 74572E8E
  3:20pm  up 17 days 13:48,  3 users,  load average: 0.58, 0.51, 0.66
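
For comparison with the gateway-page approach in the message above, the server itself can enforce basic authentication on /research while leaving /research/tests open. The following is an added example, not part of the original post; the filesystem paths, realm name and password file location are assumptions.

```apache
# Added example; paths, realm name and password file location are assumptions.
# Apache 2.4 syntax (mod_auth_basic, mod_authn_file, mod_authz_core).

# /research and everything below it requires a valid login.
<Directory "/var/www/html/research">
    AuthType Basic
    AuthName "Research"
    # Keep the password file outside the document root.
    AuthUserFile "/etc/apache2/research.htpasswd"
    Require valid-user
</Directory>

# /research/tests is the one exception. A Require in a more specific
# section replaces the inherited one (AuthMerging defaults to Off),
# so no credentials are requested here.
<Directory "/var/www/html/research/tests">
    Require all granted
</Directory>

# Apache 2.0/2.2 equivalent for the exempt subdirectory:
# <Directory "/var/www/html/research/tests">
#     Order allow,deny
#     Allow from all
#     Satisfy Any
# </Directory>
```

After reloading, a request without credentials should return 401 for /research/ and 200 for /research/tests/; `apachectl configtest` checks the syntax before the reload.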
