 | |
What would this .htaccess code be doing?
Search Engine Optimization Discussion about SEO/Search Engine Optimization (alt.internet.search-engines)
 |
| | Thread Tools | Display Modes |
#1
 
| |||
| |||
|
What would this .htaccess code be doing? -
05-24-2008
, 12:52 AM
#2
| |||||
| |||||
|
|
I found this on a site I'm considering... Files 403.shtml order allow,deny allow from all /Files what is it likely to be doing, do we think? It has dubious provenance so it may be crap. |
to a particular file.
Quote:
|
Files 403.shtml |
to one file named 403.shtml. From the filename I am
guessing it is the file that is served up with an
error 403
See http://httpd.apache.org/docs/1.3/mod/core.html#files
Quote:
|
order allow,deny |
applied. First, all Allow directives are evaluated at least
one (in this case there is only one; see next line) must
match or access to the file is denied. Next, all Deny
directives are evaluated. if one or more matches (this won't
happen in this case, because there are no Deny directives)
access to the file is denied. Finally, anything that does
not match an Allow or a Deny directive has access denied by
default.
See http://httpd.apache.org/docs/1.3/mod...ess.html#order
Quote:
|
allow from all |
IP address
See http://httpd.apache.org/docs/1.3/mod...ess.html#allow
Quote:
|
/Files |
So what the whole thing is saying is "allow anyone to access the
file named 403.shtml"
403 is the HTTP status for "Forbidden", meaning that the client
was able to communicate with the server, but the server is refusing
access to whatever was requested. So if the server denies all
access to. say, a particular IP address, this should see an exeption
for the one error file that is served up along with the error.
I would have to test to make sure that this really does have
priority over the blocking directive. It may be important
which comes first.
--
Guy Macon
<http://www.guymacon.com/>
#3
| |||
| |||
|
| Big Bill wrote: I found this on a site I'm considering... Files 403.shtml order allow,deny allow from all /Files what is it likely to be doing, do we think? It has dubious provenance so it may be crap. It is invoking the apache module mod_access to control access to a particular file. Files 403.shtml This says "apply everything between this and </Files to one file named 403.shtml. From the filename I am guessing it is the file that is served up with an error 403 See http://httpd.apache.org/docs/1.3/mod/core.html#files order allow,deny This sets the order in which the directives that follow are applied. First, all Allow directives are evaluated at least one (in this case there is only one; see next line) must match or access to the file is denied. Next, all Deny directives are evaluated. if one or more matches (this won't happen in this case, because there are no Deny directives) access to the file is denied. Finally, anything that does not match an Allow or a Deny directive has access denied by default. See http://httpd.apache.org/docs/1.3/mod...ess.html#order allow from all This says that the Allow directive matches any domain and any IP address See http://httpd.apache.org/docs/1.3/mod...ess.html#allow /Files End of invoking the apache module mod_access. So what the whole thing is saying is "allow anyone to access the file named 403.shtml" 403 is the HTTP status for "Forbidden", meaning that the client was able to communicate with the server, but the server is refusing access to whatever was requested. So if the server denies all access to. say, a particular IP address, this should see an exeption for the one error file that is served up along with the error. I would have to test to make sure that this really does have priority over the blocking directive. It may be important which comes first. |
please Guy, why would you have something like that in there? You have
to remember that, going by other things, the guy who set this up seems
to have had little idea of what he was doing...
or it could be me misunderstanding it all!
BB
--
http://www.kruse.co.uk/
http://www.fat-odin.com/
http://www.here-be-posters.co.uk/
#4
| |||
| |||
|
|
I would have to test to make sure that this really does have priority over the blocking directive. It may be important which comes first. I have no idea what you said just then. What's that mean in English please Guy, why would you have something like that in there? You have to remember that, going by other things, the guy who set this up seems to have had little idea of what he was doing... or it could be me misunderstanding it all! BB |
switched servers. If I understand it correctly, perhaps that's why
it's there, to stop somewone hitting the back button and going back to
where the site used to be on the old server. Or not, as it isn't there
any more.
BB
--
http://www.kruse.co.uk/
http://www.fat-odin.com/
http://www.here-be-posters.co.uk/
#5
| |||
| |||
|
|
I found this on a site I'm considering... Files 403.shtml order allow,deny allow from all /Files what is it likely to be doing, do we think? It has dubious provenance so it may be crap. BB |
example) the visitor to a custom 403 (access denied) page.
#6
| |||
| |||
|
|
Big Bill <bill (AT) kruse (DOT) co.uk> wrote in news:11bf349su7l9njisqpl2a89tlhcq8ue1k2 (AT) 4ax (DOT) com: I found this on a site I'm considering... Files 403.shtml order allow,deny allow from all /Files what is it likely to be doing, do we think? It has dubious provenance so it may be crap. BB The lines as you've submitted simply redirect and IP ranges (none is this example) the visitor to a custom 403 (access denied) page. |
be.
BB
--
http://www.kruse.co.uk/
http://www.fat-odin.com/
http://www.here-be-posters.co.uk/
#7
| |||
| |||
|
|
I have no idea what you said just then. What's that mean in English |
How are they Hanging? Hey, I hired this new goon named Mr. 403.shtml,
and I would like you to let everyone talk to him. No exceptions.
Yeah, I know I already asked you to stop Mr. BadUser out there on the
Internet from talking to anybody, but I also told you that *when* you
show Mr. BadUser the door, you should send him to my good buddy Mr.
403.shtml. That's because Mr. 403.shtml is a big mean dude and I want
him to beat the crap out of Mr. BadUser for showing his ugly mug.
403 can't do the beating unless you make an exception to the "don't let
Mr. BadDude talk to anybody" rule so that it becomes a "don't let Mr.
BadDude talk to anybody except the new bouncer, Mr. 403.shtml" rule.
Thanks, Mr. Apache Web Server!. I owe ya one. Wanna go bowling Tuesday?
Signed, Mr. .htaccess.
--
Guy Macon
<http://www.guymacon.com/>
#8
| |||
| |||
|
| Big Bill wrote: I have no idea what you said just then. What's that mean in English Hey there Mr. Apache Web Server! This is your old buddy Mr. .htaccess. How are they Hanging? Hey, I hired this new goon named Mr. 403.shtml, and I would like you to let everyone talk to him. No exceptions. Yeah, I know I already asked you to stop Mr. BadUser out there on the Internet from talking to anybody, but I also told you that *when* you show Mr. BadUser the door, you should send him to my good buddy Mr. 403.shtml. That's because Mr. 403.shtml is a big mean dude and I want him to beat the crap out of Mr. BadUser for showing his ugly mug. 403 can't do the beating unless you make an exception to the "don't let Mr. BadDude talk to anybody" rule so that it becomes a "don't let Mr. BadDude talk to anybody except the new bouncer, Mr. 403.shtml" rule. Thanks, Mr. Apache Web Server!. I owe ya one. Wanna go bowling Tuesday? Signed, Mr. .htaccess. |
Guy? Maybe I should wait for an explanation from someone called
Bloke...
anyhoo, in the interim and having grokked the input from the various
dudes who've presented themselves as having an opinion (to each, my
thanks) I think I'll just take it out.
BB
--
http://www.kruse.co.uk/
http://www.fat-odin.com/
http://www.here-be-posters.co.uk/
#9
| |||
| |||
|
|
Looking up the background for 403 errors, the site has recently switched servers. If I understand it correctly, perhaps that's why it's there, to stop somewone hitting the back button and going back to where the site used to be on the old server. Or not, as it isn't there any more. |
for a plain english explanation.
Quote:
|
Those lines as submitted are what's there. I don't think they should be. |
First, tell the server to block your IP address[1].
http://www.google.com/search?q=block+user+.htaccess
Second, use your browser to try to access the web site.
Do you get the contents of 403.shtml instead?
Now remove those lines from .htaccess.
Second, use your browser to try to access the web site.
Do you still get the contents of 403.shtml instead?
Note [1]: Don't get into a situation where you access
the .htaccess file to block yourself and then cannot
access the .htaccess file to unblock yourself because
you are blocked. To get around this, you need to be
able to access the site from another IP address.
--
Guy Macon
<http://www.guymacon.com/>
#10
| |||
| |||
|
|
Big Bill <bill (AT) kruse (DOT) co.uk> wrote in news:11bf349su7l9njisqpl2a89tlhcq8ue1k2 (AT) 4ax (DOT) com: I found this on a site I'm considering... Files 403.shtml order allow,deny allow from all /Files what is it likely to be doing, do we think? It has dubious provenance so it may be crap. BB The lines as you've submitted simply redirect and IP ranges (none is this example) the visitor to a custom 403 (access denied) page. |
|
« Previous Thread
|
Next Thread »
| Thread Tools | |
| Display Modes | |
Linear Mode
| |
Powered by vBulletin Version 3.5.4
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.