+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived General Discussion (https://forum.codeigniter.com/forumdisplay.php?fid=21)
+--- Thread: htaccess and apache security breach (/showthread.php?tid=6059)
htaccess and apache security breach - El Forum - 02-13-2008
[eluser]mariowarner[/eluser]
Hi guys,
I posted a topic asking about security breaches in apache web server when I try and enable htaccess from httpd.conf but I do not know if I posted on the right place. This is relating to allowing the RewriteEngine to rewrite calls for index.php so that I won't have to type index.php on the URLs anymore. The problem is, my web hosting company is getting flaky on whether they should add the codes on their httpd.conf or not with reasons relating to server security. Below is the code that should be added to my web host's httpd.conf:
Code:
<Directory "/Users/myUserAccount/Sites/WebsiteDirectory"> #where / is the root of your server
Options Indexes Includes FollowSymLinks MultiViews
AllowOverride FileInfo
Order allow,deny
Allow from all
</Directory>If anyone of you knows if any of the following lines that should be added in httpd.conf would breach their web server's security or not, or can point me to any direction that would clarify this out, I would greatly appreciate the reply.
I only have a week and then I will have to find a different web host (without any money-back) which would be a real hassle.
Thanks again.
htaccess and apache security breach - El Forum - 02-13-2008
[eluser]thatscriptguy[/eluser]
You've already posted in your other thread that they've confirmed allowoverride is set to on, which I would expect for most shared hosts.
Your problem more than likely stems from an incorrect rewritebase line. Make sure it is correctly set, or even try commenting it out.
Kevin
htaccess and apache security breach - El Forum - 02-13-2008
[eluser]mariowarner[/eluser]
yeah, i forgot to reset the rewritebase to /. it worked fine afterwards. thanks. i will be sure to remember this everytime i make a CodeIgniter based website.