  1. #1

    .htaccess problems with media previews in music products

    I am wondering if there is a better solution to provide similar security offered by the different .htaccess files included with 1.3.9.

    At the moment the new .htaccess is causing more headaches than helping.

    I just noticed in our log today that the server was filling up with errors like:

    [error] [client 61.135.249.120] client denied by server configuration: /***/media/csmus0901/8.wma

    The problem is resulting from the new .htaccess file in media folder.

    This line
    Code:
    <FilesMatch ".*\.(js|css|jpg|gif|png|html)$">
    must be adjusted to accommodate all possible file types that could be in any given folder that is using this new .htaccess file.

    So for example, in the media folder one needs to add things like wma, ra, rm, ram, etc.

    I think there should be a note in the installation guide to warn users about this.

  2. #2

    Re: 1.3.9A Breaks FCKEditor?

    Originally posted by BlessIsaacola:
    the new .htaccess file in media folder.

    This line
    Code:
    <FilesMatch ".*\.(js|css|jpg|gif|png|html)$">
    must be adjusted to accommodate all possible file types that could be in any given folder that is using this new .htaccess file.

    So for example, in the media folder one needs to add things like wma, ra, rm, ram, etc.

    Yes, that is correct, as explained inside the .htaccess file itself.

  3. #3

    Re: 1.3.9A Breaks FCKEditor?

    Originally posted by DrByte:
    Yes, that is correct, as explained inside the .htaccess file itself.

    DrByte, I completely understand! Is there an alternative situation to secure some of those folders like media that doesn't require manual intervention? The thought of remembering to update the .htaccess file with new file types for the different folders is too much for my brain :) I guess a person could take the time and add all possible file types that could be in a specific folder now and in the future.

    Well, at least the solution is an easy one to get things moving along. I am just glad I was checking the server log today to see all the customers we were frustrating.

  4. #4

    Re: 1.3.9A Breaks FCKEditor?

    BlessIsaacola, as you requested that I look into this via another post, I agree with DrByte.

    You will need to make the file extension additions if you are adding non-stock items. I wish there was a better way of doing this, but it seems this is the best way to do it for right now. Give it some time and a new, better way could be incorporated in the future.

    Security is a finicky thing and is never-ending. The idea of denying everything and only accepting certain files is a very secure method and is widely used in Cisco hardware and firewalls, among many others.

    It can be a pain in the bum and redundant...but, when it comes down to being hacked; this little thing could be your savior.

  5. #5

    Re: 1.3.9A Breaks FCKEditor?

    Thanks to both of you for the prompt responses. One last question.

    If I have folders like:

    media/music
    media/video/
    media/books/

    do I just put the .htaccess in media folder and it will apply to all sub-folders or do I have to do each sub-folder as well?

    Thanks!

  6. #6

    Re: 1.3.9A Breaks FCKEditor?

    Htaccess will cover subfolders
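
An added example, not part of the thread and not Zen Cart code, for the maintenance problem discussed above: it reads the FilesMatch line quoted in post #1, counts the "client denied" log entries whose file name fails that allowlist, and proposes an extended line containing only extensions the thread names as media. Every log line except the first is constructed, and `REVIEWED_MEDIA` and the function names are assumptions.

```python
import re
from collections import Counter
from pathlib import PurePosixPath

# FilesMatch line exactly as quoted in the thread.
HTACCESS = r'<FilesMatch ".*\.(js|css|jpg|gif|png|html)$">'
# Extensions the thread names as legitimate media-folder content (assumed review list).
REVIEWED_MEDIA = {"wma", "ra", "rm", "ram"}
# First line is the error from the thread; the rest are constructed samples.
ERROR_LOG = """\
[error] [client 61.135.249.120] client denied by server configuration: /***/media/csmus0901/8.wma
[error] [client 192.0.2.10] client denied by server configuration: /***/media/csmus0901/2.ram
[error] [client 192.0.2.10] client denied by server configuration: /***/media/csmus0901/8.wma
[error] [client 192.0.2.44] client denied by server configuration: /***/media/upload.php
[error] [client 192.0.2.44] client denied by server configuration: /***/media/cover.JPG
[error] [client 192.0.2.44] File does not exist: /***/media/favicon.ico
"""
DENIED = re.compile(r"client denied by server configuration: (\S+)")

def allowlist(htaccess_text):
    """Return (extension list, compiled regex) from the FilesMatch line."""
    src = re.search(r'<FilesMatch\s+"([^"]+)">', htaccess_text).group(1)
    exts = re.search(r"\(([^()]+)\)\$$", src).group(1).split("|")
    return exts, re.compile(src)  # case-sensitive, as Apache matches by default

def denied_by_allowlist(log_text, allowed):
    """Count denied requests per extension where the file name fails the allowlist."""
    counts = Counter()
    for line in log_text.splitlines():
        m = DENIED.search(line)
        if m:
            name = PurePosixPath(m.group(1)).name  # FilesMatch tests the file name only
            if not allowed.search(name):
                counts[PurePosixPath(name).suffix.lstrip(".")] += 1
    return counts

def proposed_line(exts, counts):
    """Extend the allowlist only with denied extensions that were reviewed as media."""
    add = sorted(e for e in counts if e in REVIEWED_MEDIA and e not in exts)
    return '<FilesMatch ".*\\.(%s)$">' % "|".join(exts + add)

if __name__ == "__main__":
    exts, allowed = allowlist(HTACCESS)
    counts = denied_by_allowlist(ERROR_LOG, allowed)
    print(dict(counts))
    print(proposed_line(exts, counts))
```

The `php` and `JPG` entries are counted but left out of the proposed line: a denied script request is the allowlist doing its job, and the upper-case extension fails only because the pattern is matched case-sensitively.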
