I need to protect a folder I have tried htaccess but might be doing something wrong. My service provider can charge me £15 a year to protect things but I thought it is simply a question of placing a few files in the folder I want to protect.

Desmond.

    there are several ways to "protect" a folder, and your options are limited to what the host has made available. if possible, editing the folder permissions (chmod) is quickest. however, without knowing exactly how you wish to protect the folder (ie. do you want to pwd protect it? block it from spiders? hide the index?), it is difficult to advise a course of action. tell us a bit more about what you're intending to accomplish. also, show us what you've tried with .htaccess

      Ok
      I have a dozen web pages all php and some require log in and two will require login details & validation.

      I have 2 files which at the moment are config.inc & functions.ini (I know i should change them to php for better security)

      The config file has user name password so needs securing.
      The functions page has all the conecction functions as well as other encription and logging functions.

      If i (leaving them as .inc) created a sub folder and placed them in there and maybe some hacker tried to access this folder he would need to supply a user name and password. These 2 files are kept secure.

      I can supply detailed information about my hosting setup if needed.

      Desmond.

        If you are using Apache, read the security tips, in particular the section on "Protect Server Files by Default".

          I am not using Apachi myself. I am writing all this on a home windows based computer. I use phpdesigner for my code. and ftpsurfer.
          I am on a shared hosting system

          Linux fhlinux190.fasthosts.co.uk 2.4.21-53.ELsmp #1 SMP Wed Nov 14 03:54:12 EST 2007 i686

          I get this
          /home/fhlinux190/d/des-otoole.co.uk/user/htdocs

          Iwrote a .htaccess file in text mode and placed it in a folder MyPrivate. That is
          /user/htdocs/MyPrivate

          content =

          AuthType Basic
          AuthName "Keepout"
          AuthUserFile /user/htdocs/MyPrivate/.pwds

          Require valid-user

          I wrote a text based file .pwds and placed it in user as this is the lowest I can get

          Contents

          desmond:otuatail

          not sure if there was a /r/n at the end

          Desmond.

            I tried setting acces to 444 and sub folders but it keeps changing it to
            744 Owner Read + Write + Execute and disables sub folders.

              otuatail wrote:

              I am not using Apachi myself.

              No, but your site is (an oldish version, but nevertheless fhlinux190 is an Apache server).

                Write a Reply...