Ok we are moving hosts and the new host doesn't appear to allow folders anywhere but the webroot
Previously we had the downloads folder below the webroot and had redirect on.
All i want to do is prevent direct download from the download folder below is the current .htaccess file, but it doesn't seem to prevent direct access at all
Failing that is there any need for the download folder to be called "download" if i were to change the name of it and the links to it in my config files would that offer some protection?Code:# # @copyright Copyright 2003-2011 Zen Cart Development Team # @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0 # @version $Id: .htaccess 18695 2011-05-04 05:24:19Z drbyte $ # AuthType Basic AuthName "No access" AuthUserFile .htnopasswd AuthGroupFile /dev/null #Require valid-user ############################### # # This is used with Apache WebServers # # The following blocks direct HTTP requests to all filetypes in this directory recursively, except certain approved exceptions # It also prevents the ability of any scripts to run. No type of script, be it PHP, PERL or whatever, can normally be executed if ExecCGI is disabled. # Will also prevent people from seeing what is in the dir. and any sub-directories # # For this to work, you must include either 'All' or at least: 'Limit' and 'Indexes' parameters to the AllowOverride configuration in your apache/conf/httpd.conf file. # Additionally, if you want the added protection offered by the OPTIONS directive below, you'll need to add 'Options' to the AllowOverride list, if 'All' is not specified. # Example: #<Directory "/usr/local/apache/htdocs"> # AllowOverride Limit Options Indexes #</Directory> ############################### # deny *everything* <FilesMatch ".*"> Order Allow,Deny Deny from all </FilesMatch> IndexIgnore */* ## NOTE: If you want even greater security to prevent hackers from running scripts in this folder, uncomment the following line (if your hosting company will allow you to use OPTIONS): # OPTIONS -Indexes -ExecCGI
Thanks
Results 1 to 4 of 4
Threaded View
-
3 Apr 2015, 11:14 PM #1
Totally Zenned
- Join Date
- Sep 2005
- Location
- Waikato, New Zealand
- Posts
- 1,539
- Plugin Contributions
- 3
Download folder in Web Root - preventing direct access to files
Webzings Design
Semi retired from Web Design
Reply With QuoteSimilar Threads
-
v153 Already installed in root/zencart/ folder but want to view/access from root folder
By oavs in forum General QuestionsReplies: 23Last Post: 8 Oct 2014, 05:32 AM -
Relocate Download Folder Outside of Root
By azimpact in forum Basic ConfigurationReplies: 8Last Post: 25 Oct 2010, 09:50 PM -
Root Folder on web server
By storeman in forum Installing on a Linux/Unix ServerReplies: 8Last Post: 23 Apr 2009, 08:48 AM -
can't move download dir. out of the web root.
By quixotic in forum Installing on a Linux/Unix ServerReplies: 15Last Post: 10 Mar 2009, 09:03 AM
