GuppY, the benchmark database free CMS

telecharger01.png


You are here :   Welcome » Shipped htaccess
    Print this page...

Shipped htaccess

GuppY is shipped with a .htaccess file in the root directory. This file is only useful if your web site runs with an Apache server (this is the case most of the time). You may have to configure to benefit from its efficiency.

 

* Configure the first htaccess


Here is its structure:
--------------------------------------
[Files ~ ".inc"]
Order allow,deny
Deny from all
Satisfy All
[/Files]
[Files ~ ".dtb"]
Order allow,deny
Deny from all
Satisfy All
[/Files]
ErrorDocument 400 /error.php?err=400
ErrorDocument 403 /error.php?err=403
ErrorDocument 404 /error.php?err=404
ErrorDocument 500 /error.php?err=500
--------------------------------------

The first 5 lines are used to protect the content of your database from hackers and other bad people (and there are some !). Otherwise, files like the data/frth.dtb file for example which holds all e-mail addresses of the people who posted a message in the forum can be read and even help to enrich a Spam file (ugly !). These 5 lines are not to be modified.

The 5 following lines are used to direct users to the error page when ask for a non existing page or other possible errors. These lines might require to be adapted (with a simple text editor like Notepad or Wordpad for example) according to where you have put your GuppY.

If you installed GuppY at the rool of your site (URL = http://www.yoursite.com/) then you have nothing to do. But if you installed it in a directory of your site (URL = http://www.yoursite.com/here/ for example) then you will have to modify these 5 lines :

-------------------------------------------
ErrorDocument 400 /here/error.php?err=400
ErrorDocument 403 /here/error.php?err=403
ErrorDocument 404 /here/error.php?err=404
ErrorDocument 500 /here/error.php?err=500
-------------------------------------------

In some cases, you might need to modify these 5 lines as follows (for a website having an URL like http://www.yoursite.com/) :

-------------------------------------------------------------
ErrorDocument 400 http://www.yoursite.com/error.php?err=400
ErrorDocument 403 http://www.yoursite.com/error.php?err=403
ErrorDocument 404 http://www.yoursite.com/error.php?err=404
ErrorDocument 500 http://www.yoursite.com/error.php?err=500
-------------------------------------------------------------

Or, if installed in the here/ subdir :

------------------------------------------------------------------
ErrorDocument 400 http://www.yoursite.com/here/error.php?err=400
ErrorDocument 403 http://www.yoursite.com/here/error.php?err=403
ErrorDocument 404 http://www.yoursite.com/here/error.php?err=404
ErrorDocument 500 http://www.yoursite.com/here/error.php?err=500
------------------------------------------------------------------

Note : As the way of setting an htaccess is usually specific to your web host, please refer to its documentation on this topic. For further information on how to protect your web site with a .htaccess file, please refer to the official Apache documentation.

* A second htaccess


It would also be wise to protect your admin/ directory by a user name and password, by seeting up a second htaccess : follow these instructions.


(Written and traslated by aldweb and Isa)

Creation date : 23/02/2005 @ 22:48
Last update : 06/07/2011 @ 18:40
Category : - II. Security doc
Page read 63847 times
 Preview    Print...