Thread: .htaccess Files

Results 1 to 3 of 3

Hybrid View

  1. #1
    Join Date
    May 2006
    Location
    UK
    Posts
    105
    Plugin Contributions
    0

    Default .htaccess Files

    Hi folks
    I have been looking at the important site security recommendation document athttp://www.zen-cart.com/wiki/index.p...ecommendations

    Section 7 of this document mentions the use of .htaccess files to help prevent snooping. I have done a quick search on my zencart build and have listed all the directories that have an blank index.html without a .htaccess file as well.

    My question is should i include a basic .htaccess like the one also listed in section 7 along side these blank index.html files.

    I have attached a plain txt file with a listing of my finding.

    Regards
    Jayson
    Attached Files Attached Files

  2. #2
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: .htaccess Files

    There are many possible approaches depending on your hosting server's configuration. Some allow you to control with a cascading .htaccess file which catches all inappropriate access to all subdirectories, and others do not.

    If you are uncertain or cannot get a clear answer from your host, then protect each folder manually. If you are using Windows hosting, don't rely on .htaccess ... use index.html instead, and work with your host to ensure you have the best security settings active in your account (well, as good as IIS can do anyway).

    So ... not to pass the buck, but ... do what *you* have to do for *your* server. The guidelines are simply guidelines, as no *one* exact solution will work for everyone, since every host configures their server differently on their own whims (and changes it as they see fit, often without notice).


    By the way, you seem to have extra admin folders in your download and media folders for some reason...
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  3. #3
    Join Date
    May 2006
    Location
    UK
    Posts
    105
    Plugin Contributions
    0

    Default Re: .htaccess Files

    Quote Originally Posted by DrByte
    By the way, you seem to have extra admin folders in your download and media folders for some reason...
    Thanks for pointing that out i guess it must have been a slip of the fingers when uploading or something.

 

 

Similar Threads

  1. v155 Are htaccess files invisible
    By soxophoneplayer in forum Installing on a Linux/Unix Server
    Replies: 2
    Last Post: 8 Apr 2016, 09:39 PM
  2. htaccess files help please
    By pasb in forum Installing on a Linux/Unix Server
    Replies: 9
    Last Post: 27 Aug 2009, 07:18 PM
  3. Cant install .htaccess files
    By spikeycactus in forum General Questions
    Replies: 2
    Last Post: 6 Sep 2008, 07:04 PM
  4. Regarding .htaccess Files.
    By philip56 in forum General Questions
    Replies: 2
    Last Post: 2 Apr 2008, 10:05 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR