LinuxQuestions.org - Mod Rewrite

- Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)

- - Mod Rewrite - Apache (https://www.linuxquestions.org/questions/linux-server-73/mod-rewrite-apache-628884/)

FormalLogic

03-18-2008 04:20 AM

Mod Rewrite - Apache

Hi There,
I'm running a test web server with virtualhosts and Mod rewrite enabled. My query is: how can I give access to Mod Rewrites custom rules but not to httpd.conf? Ie from a security point of view each user must be able to implement Mod Rewrite from their own directory using .htaccess files or some other method. They must not be able to have access to anything above their directory and obviously not to top level httpd settings. Is this possible with Mod Rewrite and how?
Thanks a million

BrianK

03-18-2008 10:21 PM

Not sure if I'm oversimplifying your request, but..

as long as allowoverrides is turned on for the user's homedirs, a user can use rewrite rules in their .htaccess. e.g. one of my .htaccess files on my shared webserver looks like:

Code:

RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_REFERER} !^http://(www\.)?myserver\.com/.*$ [NC]

RewriteRule \.(gif|jpg)$ http://myserver.com/test/createImage.php [R,L]

... and that exists in only one subdir of my site, all others operate normally, i.e. no rewrite rules.

FormalLogic

03-19-2008 01:30 AM

Thanks

Simple is good, I like simple :)
Thanks for answering. Now at least I can tell the clients, 'yes it is possible, you have the .htaccessw files go find out how to do it'.
Kind Regards
Shane

All times are GMT -5. The time now is 08:11 PM.