| Author |
Message |
Bigboy177
Worker
Joined: Jul 07, 2004
Posts: 192
|
 Posted:
Wed Jul 07, 2004 7:23 pm |
|
Is Sentinel working OK without the htaccess file... What are differences of having this file and not having... And How can I check if my server is running on Apache... I can't find it anywhere... Maybe there's a module or a block that can show the server info... |
| |
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Wed Jul 07, 2004 7:27 pm |
|
Type this code into a good text editor and save the file as phpinfo.php. Then ftp that file to your web root folder.Now run that file by pointing your browser to http://yourdomain.com/phpinfo.php. You will see at the top what server software you are running. Now rename that file as you don't want it available to everyone else.
.htaccess only runs under Apache. When blocking code is in .htaccess you are blocking at the server level. When used in a MySQL table, you are only blocking at the application level. |
| |
|
|
|
|
Bigboy177
|
| Posted:
Thu Jul 08, 2004 5:05 am |
|
I'm running on the Apache server but I don't have htaccess file in the root dir... I've downloaded WS_FTP... And still I can't see .htaccess file... What can I do... Should I simply put the empty file in the root... |
| |
|
|
|
|
Raven
|
| Posted:
Thu Jul 08, 2004 5:16 am |
|
It's .htaccess and when using WsFTP you need to add -la to the file mask and then hit enter. You will then be able to see all hidden files. |
| |
|
|
|
|
Bigboy177
|
| Posted:
Thu Jul 08, 2004 5:31 am |
|
I still can't find the file... Is it suppose to be In the root folder of my PHP Nuke... ?? Or maybe someplace else... |
| |
|
|
|
|
Raven
|
| Posted:
Thu Jul 08, 2004 5:34 am |
|
In your Sentinel config, you have to tell it where to put it. Try just using .htaccess as the entry in the config. |
| |
|
|
|
|
Bigboy177
|
| Posted:
Thu Jul 08, 2004 5:54 am |
|
OK... Thanks for the help...  |
| |
|
|
|
|
BobMarion
Former Admin in Good Standing
Joined: Oct 30, 2002
Posts: 1037
Location: RedNeck Land (known as Kentucky)
|
| Posted:
Thu Jul 08, 2004 9:34 am |
|
Here another thing you can do. Using a text editor create a new document, placeCode:Options All -Indexes
DirectoryIndex index.php index.htm index.html /noindex.php
|
into it and save it as .htaccess . Then upload that to your root nuke directory (where you have mainfile.php) and CHMOD it to 666. And yes there is a blank line at the end of that code above so when Sentinel(tm) starts appending to the file it doesn't add to the DirectoryIndex line
What these two commands do is to disallow anyone from getting a listing of anything in your sites directory structure. The second line tells it what index files to look for.
the index.php file is as follows:Code:<?
?>
<p align="center"><img border="0" src="/images/eyes.gif" alt="No Directory Browsing" width="120" height="80"><br><b>Directory browsing is not allowed!</b></p>
<?
?>
|
If you want to see how it looks goto http://www.nukescripts.net/noindex.php . |
_________________
Bob Marion
Codito Ergo Sum
Only registered users can see links on this board! Get registered or login! |
|
 
|
|
Caedus
Hangin' Around
Joined: Jun 21, 2004
Posts: 39
Location: The Netherlands
|
| Posted:
Thu Jul 08, 2004 12:39 pm |
|
So is the use of the .htaccess file more safe than using the database?
What could a hacker (in theory) do when only the database is enabled and would that be prevented by making use of that file? |
_________________
 Caedus
 |
|
 |
|
Raven
|
| Posted:
Thu Jul 08, 2004 3:10 pm |
|
| Caedus wrote: | | So is the use of the .htaccess file more safe than using the database? |
Technically speaking, yes. This way protects you at the web server level, meaning that they can't get at any documents anywhere in the path and sub-paths from where the .htaccess file is located. If just stored in a database, they are only restricted if that application calls it.
| Quote: | | What could a hacker (in theory) do when only the database is enabled and would that be prevented by making use of that file? |
They would have access to any directory/folder that is not in that pth. |
| |
|
|
|
|
Bigboy177
|
| Posted:
Thu Jul 08, 2004 6:24 pm |
|
I have made .htaccess and noindex.php files And I've put them in the folder in which I have mainfile.php...
I've got some questions... If for example I've got many folders before my nuke root folder .htaccess file still goes in the folder in which I have mainfile.php...
For example I've got:
ble_ble/ble_ble2/mainfile.php .... So the htaccess goes here right ??
And the path to the .htaccess file in the Sentinel Administration... should still be just .htaccess... or should I put ble_ble/ble_ble2/.htaccess |
| |
|
|
|
|
Raven
|
| Posted:
Thu Jul 08, 2004 7:17 pm |
|
.htaccess works hierarchically. So, if you have domain_name_1.com/.htaccess, that will apply to all folders beneath it, but not above it. You can have individual .htaccess files in every folder if you wish. The more and the larger the .htaccess files, the more penalty you pay in overhead expense. But, the extra nanoseconds are well worth the cost, imo. |
| |
|
|
|
|
Bigboy177
|
| Posted:
Thu Jul 08, 2004 7:27 pm |
|
|
|
|
|
Raven
|
| Posted:
Thu Jul 08, 2004 7:30 pm |
|
It can be whatever you want, depending on how many folders above your nuke folder you want it to apply to  . Just place it in the same file as your mainfile.php - in the Sentinel configuration screen, just enter .htaccess . Don't use any paths at all. |
| |
|
|
|
|
Bigboy177
|
| Posted:
Thu Jul 08, 2004 7:35 pm |
|
OK... Thank you very much for your help |
| |
|
|
|
|
Caedus
|
| Posted:
Sat Jul 10, 2004 6:44 am |
|
Ok, thx Raven! I noticed you replaced the raven smiley too. Nice one ! |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
