Deploying a website
Moderator: General Moderators
Deploying a website
ok, this might sound like a ridiculously amateur question, but in reality ive never actually done this for an actual business website, only personal projects where my deployment requirements werent so important.
ive finished developing a website for a small business locally and i am ready to put the website live (hosting has been sorted already). however, the directory structure of the website requires some folders to be have restricted access.
e.g.
hostname/ [allow access]
hostname/Scripts [no access]
hostname/Admin [allow access]
hostname/Admin/Scripts [no access]
obviously, i want the .php pages associated with the website to have access to the hostname/Scripts or hostname/Admin/Scripts folders, but i dont want john doe typing in hostname/Scripts into his web browser and being able to view all the files in that directory.
Thanks in advance for any help that can be offered.
ive finished developing a website for a small business locally and i am ready to put the website live (hosting has been sorted already). however, the directory structure of the website requires some folders to be have restricted access.
e.g.
hostname/ [allow access]
hostname/Scripts [no access]
hostname/Admin [allow access]
hostname/Admin/Scripts [no access]
obviously, i want the .php pages associated with the website to have access to the hostname/Scripts or hostname/Admin/Scripts folders, but i dont want john doe typing in hostname/Scripts into his web browser and being able to view all the files in that directory.
Thanks in advance for any help that can be offered.
- jayshields
- DevNet Resident
- Posts: 1912
- Joined: Mon Aug 22, 2005 12:11 pm
- Location: Leeds/Manchester, England
- Ollie Saunders
- DevNet Master
- Posts: 3179
- Joined: Tue May 24, 2005 6:01 pm
- Location: UK
Apache forum would be a lot better suited for your question. General discussion isn't even for asking questions. Grrr.
Anyway, to answer your question put something like this:in a .htaccess file in the directories you wish to protect.
Anyway, to answer your question put something like this:
Code: Select all
Order deny, allow
Deny From allhosting is by http://www.fasthosts.co.uk, cant find any sign of .htaccess via ftp, and nothing resembling restricting access to folders from their control panel.
will try creating one and uploading it to see if the web server supports it or not.
assume it will support it, as im able to create custom error pages via the control panel.
/investigates
will try creating one and uploading it to see if the web server supports it or not.
assume it will support it, as im able to create custom error pages via the control panel.
/investigates
Last edited by sh33p1985 on Tue Jan 09, 2007 10:25 am, edited 2 times in total.
- Ollie Saunders
- DevNet Master
- Posts: 3179
- Joined: Tue May 24, 2005 6:01 pm
- Location: UK
You have to create one.sh33p1985 wrote:hosting is by http://www.fasthosts.co.uk, cant find any sign of .htaccess via ftp, and nothing resembling restricting access to folders from their own site admin control panel.
NiceI'd recommend redirecting to a 404 as opposed to turning indexing off. That way it doesn't give confirmation the directory exists... a little security through obscurity.
one minor query, i get a directing listing denied by default on http://www.mydomain.co.uk (havent uploaded any .htaccess files yet). can i make this redirect to lets say http://www.mydomain.co.uk/welcome.php?
- Ollie Saunders
- DevNet Master
- Posts: 3179
- Joined: Tue May 24, 2005 6:01 pm
- Location: UK
create a file called index.php in the document root directory and put this in it:There's certainly an apache based solution but I've always used PHP.
Code: Select all
<?php
header('Location: http://www.mydomain.co.uk/welcome.php');