0
J'utilise un service d'hébergement web standard avec pour mes propres projets.Comment autoriser l'accès au sous-domaine mais pas l'accès au dossier dans Apache, htaccess?
Il a utilisé le domaine principal www et plusieurs sous-domaines. Je n'avais pas besoin d'utiliser des règles Apache ReWrite dans mes fichiers .htaccess, et la seule chose que je devais faire était de m'assurer que mes enregistrements CNAME étaient mis à jour. Tout a bien fonctionné, j'ai juste utilisé des autorisations pour limiter l'accès aux fichiers et dossiers ..
J'ai récemment installé Elgg au niveau principal www et maintenant tous mes sous-domaines, qui restent inchangés, donnent une erreur 403. Le message indique que mon fichier htaccess est le coupable.
Je voudrais savoir comment je peux configurer le fichier htaccess pour permettre aux sous-domaines comme gadgets.mydomain.com de fonctionner à nouveau mais ne pas autoriser l'accès à d'autres dossiers sous le même domaine? Aucune des autorisations n'a été modifiée. Elles restent 755.
Ceci est le fichier standard Elgg htaccess. Comment est-ce que je l'éditerais?
# Elgg htaccess directives
<Files "htaccess_dist">
order allow,deny
deny from all
</Files>
# Don't allow listing directories
Options -Indexes
# Follow symbolic links
Options +FollowSymLinks
# Default handler
DirectoryIndex index.php
############################
# BROWSER CACHING
# The expires module controls the Expires and Cache-Control headers. Elgg sets
# these for dynamically generated files so this is just for static files.
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 year"
</IfModule>
# Conditional requests are controlled through Last-Modified and ETag headers.
# Elgg sets these on dynamically generated cacheable files so this is just for
# static files. Note: Apache sends Last-Modified by default on static files so
# I don't think we need to be sending ETag for these files.
<FilesMatch "\.(jpg|jpeg|gif|png|mp3|flv|mov|avi|3pg|html|htm|swf|js|css|ico)$">
FileETag MTime Size
</FilesMatch>
############################
# PHP SETTINGS
<IfModule mod_php5.c>
# limit the maximum memory consumed by the php script to 64 MB
php_value memory_limit 64M
# register_globals is deprecated as of PHP 5.3.0 - disable it for security reasons.
php_value register_globals 0
# post_max_size is the maximum size of ALL the data that is POST'ed to php at a time (8 MB)
php_value post_max_size 8388608
# upload_max_filesize is the maximum size of a single uploaded file (5 MB)
php_value upload_max_filesize 5242880
# on development servers, set to 1 to display errors. Set to 0 on production servers.
php_value display_errors 0
</IfModule>
############################
# COMPRESSION
# Turn on mod_gzip if available
<IfModule mod_gzip.c>
mod_gzip_on yes
mod_gzip_dechunk yes
mod_gzip_keep_workfiles No
mod_gzip_minimum_file_size 1000
mod_gzip_maximum_file_size 1000000
mod_gzip_maximum_inmem_size 1000000
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/javascript$
mod_gzip_item_include mime ^application/x-javascript$
# Exclude old browsers and images since IE has trouble with this
mod_gzip_item_exclude reqheader "User-Agent: .*Mozilla/4\..*\["
mod_gzip_item_exclude mime ^image/.*
</IfModule>
## Apache2 deflate support if available
##
## Important note: mod_headers is required for correct functioning across proxies.
##
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/x-javascript
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.[0678] no-gzip
BrowserMatch \bMSIE !no-gzip
<IfModule mod_headers.c>
Header append Vary User-Agent env=!dont-vary
</IfModule>
# The following is to disable compression for actions. The reason being is that these
# may offer direct downloads which (since the initial request comes in as text/html and headers
# get changed in the script) get double compressed and become unusable when downloaded by IE.
SetEnvIfNoCase Request_URI action\/* no-gzip dont-vary
SetEnvIfNoCase Request_URI actions\/* no-gzip dont-vary
</IfModule>
############################
# REWRITE RULES
<IfModule mod_rewrite.c>
RewriteEngine on
# If Elgg is in a subdirectory on your site, you might need to add a RewriteBase line
# containing the path from your site root to elgg's root. e.g. If your site is
# http://example.com/ and Elgg is in http://example.com/sites/elgg/, you might need
#
#RewriteBase /sites/elgg/
#
# here, only without the # in front.
#
# If you're not running Elgg in a subdirectory on your site, but still getting lots
# of 404 errors beyond the front page, you could instead try:
#
#RewriteBase/
# If your users receive the message "Sorry, logging in from a different domain is not permitted"
# you must make sure your login form is served from the same hostname as your site pages.
# See http://docs.elgg.org/wiki/Login_token_mismatch_error for more info.
#
# If you must add RewriteRules to change hostname, add them directly below (above all the others)
# In for backwards compatibility
RewriteRule ^pg\/([A-Za-z0-9\_\-]+)$ engine/handlers/page_handler.php?handler=$1&%{QUERY_STRING} [L]
RewriteRule ^pg\/([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/page_handler.php?handler=$1&page=$2&%{QUERY_STRING} [L]
RewriteRule ^tag\/(.+)\/?$ engine/handlers/page_handler.php?handler=search&page=$1 [L]
RewriteRule ^action\/([A-Za-z0-9\_\-\/]+)$ engine/handlers/action_handler.php?action=$1&%{QUERY_STRING} [L]
RewriteRule ^cache\/(.*)$ engine/handlers/cache_handler.php?request=$1&%{QUERY_STRING} [L]
RewriteRule ^services\/api\/([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/service_handler.php?handler=$1&request=$2&%{QUERY_STRING} [L]
RewriteRule ^export\/([A-Za-z]+)\/([0-9]+)\/?$ engine/handlers/export_handler.php?view=$1&guid=$2 [L]
RewriteRule ^export\/([A-Za-z]+)\/([0-9]+)\/([A-Za-z]+)\/([A-Za-z0-9\_]+)\/$ engine/handlers/export_handler.php?view=$1&guid=$2&type=$3&idname=$4 [L]
RewriteRule xml-rpc.php engine/handlers/xml-rpc_handler.php [L]
RewriteRule mt/mt-xmlrpc.cgi engine/handlers/xml-rpc_handler.php [L]
# rule for rewrite module test during install - can be removed after installation
RewriteRule ^rewrite.php$ install.php [L]
# Everything else that isn't a file gets routed through the page handler
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([A-Za-z0-9\_\-]+)$ engine/handlers/page_handler.php?handler=$1 [QSA,L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/page_handler.php?handler=$1&page=$2 [QSA,L]
</IfModule>