Forums / Install & configuration / .htaccess file does allow access to my root

.htaccess file does allow access to my root

« 
Previous topic
|
Install & configuration
|
Next topic
 »
Author Message

Clay Pereira

Thursday 29 July 2004 10:09:40 am

Hi,

When i added the .httacces file I can't get access to my site by just typing the hostname.
I have to include /index.php. What redirect do I have have to add to make it so I don't have to add the index.php.

Something apears to be wrong with my <FilesMatch".">

<FilesMatch ".">
order allow,deny
deny from all
</FilesMatch>

<FilesMatch "(index\.php|\.(gif|jpe?g|png|css|js|html|swf)|var(.+)storage.pdf(.+)\.pdf)$">
order allow,deny
allow from all
</FilesMatch>

Jose Velez

Thursday 18 November 2004 7:06:01 pm

I am having the same problem. Does anyone know how to fix this?

Espen Pedersen

Monday 06 June 2005 9:29:55 am

I experience the same thing. Anyone cracked this one?

kracker (the)

The Doctor

Monday 06 June 2005 9:49:11 am

I <b>always</b> removed / commented those lines out, if I used the .htaccess file. I just never mentioned it before .. hrm.

//kracker

Member since: 2001.07.13 || http://ezpedia.se7enx.com/

Espen Pedersen

Monday 06 June 2005 11:52:40 am

Thanks for you answer kracker, I have removed:

</i><FilesMatch ".">
order allow,deny
deny from all
</FilesMatch></i>

And I've tried accessing f.ex. a ini file directly and it's not possible, so I guess this should be OK.

<b>But now I've got the trailing slash problem</b>, and yes I have tried Ekkehard's suggestions found in this thread: http://ez.no/community/forum/install_configuration/htaccess_hidden_at_last

<b>But it does not work :'(</b>

Espen Pedersen

Monday 06 June 2005 12:10:52 pm

Hmm .. think I have a workaround, it's not pretty but I think it does the job.

The trailing slash problem is caused by the rewrite rule. The .htaccess shown below will deny access to certain kind of filetypes, it's a bit vulnerable as you have to provide all the file extensions by hand ...

If someone provides a more robust solution for this I would be pleased :)

php_value allow_call_time_pass_reference 0

<FilesMatch "\.(txt|tp|tlp|cache|info|sql|ini|php|sh|pdf|log|LOG|tr|ttf|ts|xml|cpp)">
order allow,deny
deny from all
</FilesMatch>

<FilesMatch "(index\.php|\.(gif|jpe?g|png|css|js|html)|var(.+)storage.pdf(.+)\.pdf)$">
order allow,deny
allow from all
</FilesMatch>

RewriteEngine On
#RewriteRule !\.(gif|jpe?g|png|css|js|html)|var(.+)storage.pdf(.+)\.pdf$ index.php

DirectoryIndex index.php

kracker (the)

The Doctor

Monday 06 June 2005 2:14:37 pm

<b>*smacks his own forehead*</b>

What version of apache are you using with eZ publish.

I had the very same problem with eZ publish 3 (or greater) on Apache 2 in a couple of specific instances over the last year.

So I wrote up a report, not exactly sure just what's going on ...
http://ez.no/community/bugs/ezurloperator_php_incompatibility_with_apache2

I also posted to the sdk-public list:
http://lists.ez.no/pipermail/sdk-public/2005-May/001279.html
http://lists.ez.no/pipermail/sdk-public/2005-May/thread.html#1279

//kracker
<i>Aesop Rock : Labor Day : Save Yourself</i>

Member since: 2001.07.13 || http://ezpedia.se7enx.com/

Espen Pedersen

Tuesday 07 June 2005 12:28:39 am

Here's my phpinfo() output

Apache/1.3.33 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.3.11 FrontPage/5.0.2.2635 mod_ssl/2.8.22 OpenSSL/0.9.7a

Thanks for the links, I'll read through them and see if it can help me :)