Protect your htaccess file

Security in htaccess: htpasswd, 401 Authentication

Protect your htaccess file

Postby produke » 03 Oct 2006 02:17

When a visitor tries to obtain access to your .htaccess or .htpasswd file, the server automatically generates a 403 forbidden error, even with the file permissions at their default settings. However, you can apply a bit more security to your .htaccess files by adding the following code:

Code: Select all
<Files .htaccess>
order allow,deny
deny from all
</Files>


Also remember to chmod 644 your .htaccess files, and 640 your .htpasswd files.
User avatar
produke
 
Posts: 242
Joined: 25 Sep 2006 04:48

Return to Security and Authentication



Who is online

Users browsing this forum: No registered users