Allowing access to .htaccess

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Post Reply
ashley
Forum Newbie
Posts: 5
Joined: Tue Apr 19, 2005 7:36 pm

Allowing access to .htaccess

Post by ashley »

Hello, I have a question about the possible security problems related to allowing a user access to their Access File, otherwise known as an .htaccess file.

The php script in question would only be allowed to write directives about the location of files/resources (marking pages gone, or available under a different url, etc), as well as only allowing internal redirects. The script wouldn't be allowed to write anywhere but within a specific section, between two specific hash-comments.

Obviously it would be password protected.

Is there any security difference between handling password protection between apache (using a passwd file) and using strictly php; either a database or a flat-file?

What should I look out for?

Is this just an overall bad idea?

Any other suggestions?
Post Reply