PDA

View Full Version : htaccess request.

thonguyenhuy
10-10-2007, 02:09 AM
First Thanks very much to UnlimitedMB for your service.
I have just registered and got a free account from you, and everything so far is amazing!
However, please allow me to request a right to use file .htaccess on my account.This file is very powerful and helpful tool for designing, controlling, and security system. For example: "Hotlink protection" which is stop user from copy image's link and waste server's bandwidth, "Ip Deny" which help to stop hacker from Denial-of-service attack(Dos) or distributed denial-of-service(DDos), and more. In addition, there is no harmful or any danger to our server by using this tool.
again, thanks for everything.

------------
Sorry, I didn't read Support FAQ in Help & Support forum before I post this request.
UnlimitedMB
10-10-2007, 02:14 AM
htaccess is available for paid accounts only.

we already have hotlink protection, we will block any ips which are necessary ourselves.
thonguyenhuy
10-10-2007, 02:33 AM
Actually, I only need the hotlink protection for my php files. Maybe this is sound weird. But I'm building an ajax-php system for my website and I don't want anyone to brows php files accept server. Please help me on this.
UnlimitedMB
10-10-2007, 02:41 AM
Nobody can view the code of your php files, only what it outputs.
thonguyenhuy
10-10-2007, 02:48 AM
Yes, that's right.
no one can view the php code. but i don't want they view what it outputs!
when using ajax, what php outputs is a part of the webpage. therefore when view it normally, look terrible.
thonguyenhuy
10-10-2007, 03:15 AM
I just figure out the way to solve this problem. anyway with a hotlink protection on php is better.
thanks for your support.
UnlimitedMB
10-10-2007, 04:02 AM
I think you do not understand what hotlink protection is.

Hotlink protection stops other sites from directly linking to your files and images, it does not prevent your visitors from viewing your html code or javascript.

It is IMPOSSIBLE to protect against someone viewing the code, sure you can make it more difficult but its very easy to get around it.
thonguyenhuy
10-10-2007, 07:58 PM
Maybe I was wrong.
I thought it would stop users or other server viewing my php files by put this Hotlink protection code in htaccess.

SetEnvIfNoCase Referer "^http://localhost/" good #localhost could be server ip
SetEnvIfNoCase Referer "^$" good
<Files ~ "\.(ht|php)$">
Order Deny,Allow
Deny from all
Allow from env=good
</Files>

However, There are some other ways to get around this.