Hi - I used Web Platform Installer to install php, among other things, on Windows 2008 R2/IIS 7.5.
Installed an app by a third party that is written in PHP. Everything runs fine except for security where they say I need to use the equivalent of .htaccess and .htpasswd to set some security on some folders and such. Below is their description.
How do I do the three things they describe, except do it using IIS instead of apache.
Thanks
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1. protect directory xxx/yyy using a .htpasswd file
2. The contents of the directories listed below should be protected from direct access via the HTTP protocol (i.e. using a browser):
--- data/
--- temp/
Limiting access to server directories should be performed by means of the web server. In case of using Apache as the web server those directories should contain a .htaccess file with the following directive:
Deny from all
3. Assign permissions to the application's files and directories that should allow only authorized users of the operating system to access and modify their contents. Exact permission values depend on the current server configuration and the purpose of each
specific file or directory. Below are provided common recommendations on setting up access permissions.
The web server should be allowed to rewrite contents of the following directories (and the files contained in them):
data/ (and subdirectories)
temp/
sipiptel
10 Posts
.htaccess and .htpasswd equivalent
Sep 28, 2012 03:46 PM|LINK
Hi - I used Web Platform Installer to install php, among other things, on Windows 2008 R2/IIS 7.5.
Installed an app by a third party that is written in PHP. Everything runs fine except for security where they say I need to use the equivalent of .htaccess and .htpasswd to set some security on some folders and such. Below is their description.
How do I do the three things they describe, except do it using IIS instead of apache.
Thanks
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1. protect directory xxx/yyy using a .htpasswd file
2. The contents of the directories listed below should be protected from direct access via the HTTP protocol (i.e. using a browser):
--- data/
--- temp/
Limiting access to server directories should be performed by means of the web server. In case of using Apache as the web server those directories should contain a .htaccess file with the following directive:
Deny from all
3. Assign permissions to the application's files and directories that should allow only authorized users of the operating system to access and modify their contents. Exact permission values depend on the current server configuration and the purpose of each specific file or directory. Below are provided common recommendations on setting up access permissions.
The web server should be allowed to rewrite contents of the following directories (and the files contained in them):
data/ (and subdirectories)
temp/