All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Non-Recursive .htaccess files, permissions, etc..
I use example.com/personal/ dir for hosting some personal files, screenshots and similar things which I share with friends, forums, etc... however I can't find a way to lock /personal/ for visitors so that only I would be able to check files and share direct URLs with others.
Simple .htaccess file with " Order deny,allow / Deny from all / Allow from 255.255.my IP" rule obvioulsy isn't solution because "Deny from all" recursively affect also direct links so that others can't access them. Also chmod permission rule which I use this moment isn't solution because that way I can't direcly access from net to find proper file name to share link either.
Any suggestion how to password or IP protect /personal/ dir for all others except me but that this woudn't recursively disable for others also /personal/fileexample.jpg links?
It's ordinary apache, php, etc... cPanel webhosting server. I don't want to use 3rd party filesharing/image gallery software if that's possible and I wondering if there's some more elegant solution similar to .htaccess but without recursive affect on files inside this dir.
Comments
So basically, you want to be able to link people to pictures/files within your /personal/ directory, but don't want them to be able to view the contents of said directory, yes?
If that's correct, I;d just stick in a blank index.html file in there.
Or, just remove Indexes from the option line for that directory.
If this would be that easy Thank you both but you overlooked important part. Yes I want to be able to link people to pictures/files within my /personal/ directory and I don't want them to be able to view the contents of this directory however from otherside I want to be able to view the contents of said directory.
That's why blank index.html, chmod, etc... don't look like viable option and I am taking .htaccess "deny from all/allow from (IP or password)" example which would be perfect solution if this damn thing just wouldn't work recursive. Any file or dir contained within the dir with the .htaccess will follow the same rules and this is what I would like to avoid.
That's not what DENY does. If you issue a DENY on /personal/, then nobody will be able to view any content from that directory (Indexing or Direct Links). If you issue a DENY on /personal/, and even manage to pull a later ALLOW on /personal/img/, you're still facing the exact same problem.
We understood what you mean, the problem is that you don't have a real viable method of doing this without more advanced scripting and rules. Your best bet is to simply run an 'ls', copy/paste the filename to your browser if you have to, and proceed from there.
I said that - It's recursive
This is what I am doing whole time but to do this I need to ssh or ftp to server everytime when I want to share some file. If you're in the middle of the chat with someone and you want to quick share some picture or something it's even those few seconds to open client to log into server sometimes too much.
I am afraid that I will be forced to use some third party filesharing script if I don't find more elegant solution anyway.
No, you're missing the point. You CANNOT use DENY to selectively allow indexing. DENY completely blocks access to the directory/directories in which it's active.
What you're wanting to do will require regex and rewrite rules.
I do? But I never said that I want to use DENY for selectively allowing indexing (where did you get this idea from?) but use it as example to deny/allow access to dir - something what .htaccess do and it would do great also in my case if just wouldn't have recursive affect on subfolders and files and that's why I am looking for alternative solutions not neccessary connected with .htaccess
I know that you want to help however there seems problem in communication (my limited english or you don't read careful what I say?).
You cannot do this with .htaccess files. Regex/mod-rewrite, period.
Word of advice: if you're not going to state explicitly what you want to do the first time, especially not in your native tongue, you'd do well not to accuse others of "not reading carefully".
But I keep repeating this... and you keep repeating same after me...
And more I am telling that I can't do this with .htaccess to find some alternative solution more you try to convience me that I can't do this with .htaccess... Anyway thank you for telling me what I am saying from beginning... and I will check mod-rewrite option after I go through http://www.webmasterworld.com/apache/3588649.htm (seems like something to start with) and some other documents.
But I did... Infact I believe that I was very descriptive and even with my far from perfect english isn't that hard to understand what I want to do.. just that I am looking for way to do this and that's why I opened this topic. But more I am saying what isn't option more you repeating after me what isn't option and this bring us nowhere. Lets stop with this and try to be constructive, can we?
Hey guys just cool down!
@Heinz From what I understand from your description of the situation
For the above scenario put an index.php file in the directory with the following code:
For php virgins: you should login with username as 'username' and password as 'password'. You can change this by changing the values of variables $user and $pass in the above script.
If I have mis-interpreted your requirements, just ignore and have fun!
{fun}*License: Above script can be used, distributed, modified, sold, claimed your own, critisised as inefficient or insecure, .... for any purpose and by anyone without any restrictions whatsoever!
Post here if you don't understand it{/fun}
EDIT: Code Modified as per exussum's suggestion
Maybe this help?
http://www.unitedforums.co.uk/vb/website-development-scripting/12442-htaccess-rewrite-ip-address-handling.html
Instead of $file != "." && $file != ".." you could use
$file{0} != "."
Which would hide all files starting with a . so hidden files too ?
May be useful
@exussum you are correct on that and your suggestion is very useful. I've edited the script accordingly.
wrote the script just for this thread. so just put in what was on top of the mind.
It's better to use htaccess password protection, it protects you easily, also against search engines indexing. That's a good how-to:
http://www.elated.com/articles/password-protecting-your-pages-with-htaccess/
You just need to send your visitors the username and password for accessing everything in a directory.
I think you're talking about something different. Something that also confused the OT. htaccess can only be used in this scenario to protect the whole directory and not file-wise. Since the whole directory is not intended to be protected here in this thread as the files itself should be directly accessible without protection, htaccess is no help. Thus the script above with the mark that you just need to disable the index or put up a blank index.html.
Otherwise, just chmod the folder to 711.
@divya amazing. Thank you for script and to all rest thank you for suggestions and ideas. I will try script when I come from work.
That's what you have ftp/sftp for.
Forgive me for skimming. Short on time.
I just came from work, tryed it and bingo! @divya your script is exactly what I was looking for. Once again thank you for your time and effort.
If anyone other find it useful please click on little "Thanks" icon near @divya and @exussum name
@Heinz programming was my hobby during school days and my primary job responsibility now(Not PHP programming exactly though).
So, it was fun for me too. Enjoy!