Get access to folder outside public web root?

jason.burneracc · October 31, 2021, 1:34am

So I want to implement something like this: Easy way to password-protect php page - Stack Overflow

and one of the suggestions is to place the html file outside the public web root, which I assume for InfinityFree would either be the original htdocs folder or the folder with the custom domain name (or the level with the original htdocs folder). However it doesn’t seem like it’s possible based on folder permissions?
Can anyone confirm, or am I missing something

Greenreader9 · October 31, 2021, 1:56am

Nope, you can’t do that (You can only have files within the hotdogs folder). However, the Control Panel has a feature called “Directory Privacy” for exactly this use.

wackyblackie · October 31, 2021, 1:58am

An easy way is to type this in your .htaccess:

<Files “file.html”>
Require all denied
</Files>

It will deny all access to the file, no matter what.

jason.burneracc · October 31, 2021, 2:43am

interesting. This seems to protect the entire domain if it’s set to the main domain. Or a subfolder (and its subfolders). Are you aware of any way to clear that for some folders that I may not want to protect (but still protect the entire domain, assuming it’s simpler than protecting each individual folder).

wackyblackie · October 31, 2021, 2:54am

To prevent access to a directory, type this in your .htaccess:

<Directory "/directory”> #Note no trailing slash
    Require all denied
</Directory>

To prevent access to a file, type this instead:

<Files "private.html">
    Require all denied
</Files>

Maybe read this doc: Configuration Sections - Apache HTTP Server Version 2.4

Greenreader9 · October 31, 2021, 12:41pm

How many folders do you want to protect, and how many do you not want to be protected?

@wackyblackie, the OP wants it password protected, not blocked.

wackyblackie · October 31, 2021, 12:45pm

Maybe use this:

<Files "file.html">
    AuthType Basic
    AuthName "Authenticate"
    AuthUserFile /home/volXXX/epizy.com/epiz_XXX/htdocs/dir/.htpasswd
    Require valid-user
    DirectoryIndex index.php
</Files>

And you can generate a .htpasswd with Htpasswd Generator – Create htpasswd - hostingcanada.org. Don’t forget to protect it, though:

<Files ".ht*">
    Require all denied
</Files>

Greenreader9 · October 31, 2021, 12:49pm

That is exactly what the directory privacy feature does.

system · November 7, 2021, 12:49pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.