glenwf
09-05-2002, 02:44 PM
On NT4, SP6 and Apache OpenSA/1.0.2 / Apache/1.3.26
Since NT won't allow .htaccess file I've renamed the file and used the following in the confg file.
<Files ~ "^\pass.acl">
Order allow,deny
Deny from all
</Files>
When I use the following the browser can see the file containing the security information and also download it.
<Directory "E:/Web/htdocs/EH Internal/">
Options FollowSymLinks MultiViews Indexes
AllowOverride AuthConfig Limit
Order allow,deny
Allow from all
</Directory>
Is there a way to prevent this other than putting the information in the config file??? I would like to keep it in the directory.
Since NT won't allow .htaccess file I've renamed the file and used the following in the confg file.
<Files ~ "^\pass.acl">
Order allow,deny
Deny from all
</Files>
When I use the following the browser can see the file containing the security information and also download it.
<Directory "E:/Web/htdocs/EH Internal/">
Options FollowSymLinks MultiViews Indexes
AllowOverride AuthConfig Limit
Order allow,deny
Allow from all
</Directory>
Is there a way to prevent this other than putting the information in the config file??? I would like to keep it in the directory.