• JavaScript Kit
• Free JavaScripts
• JavaScript tutorials
• JavaScript Reference
• DOM Reference
• DHTML & CSS
• Web Design
• Free Java Applets
• CSS Quick Reference

CodingForums
Having trouble with scripting? Visit our help forum to get the answers you need.

• Link to Us!
• Contact Us

• CSS Drive
• JavaScript Menus
• Web Development
• CSS codes & examples
• JavaScript Community
• Web Templates
• Cheap Epson Ink Cartridge
• Web hosting
• Software Connection
• Software Library

This is a

Prevent viewing of .htaccess file

If you use htaccess for password protection, then the location containing all of your password information is plainly available through the htaccess file. If you have set incorrect permissions or if your server is not as secure as it could be, a browser has the potential to view an htaccess file through a standard web interface and thus compromise your site/server. This, of course, would be a bad thing. However, it is possible to prevent an htaccess file from being viewed in this manner:

<Files .htaccess>
order allow,deny
deny from all
</Files>

The first line specifies that the file named .htaccess is having this rule applied to it. You could use this for other purposes as well if you get creative enough.

If you use this in your htaccess file, a person trying to see that file would get returned (under most server configurations) a 403 error code. You can also set permissions for your htaccess file via CHMOD, which would also prevent this from happening, as an added measure of security: 644 or RW-R--R--

• Tutorial Introduction
• Error Documents
• Password protection
• Enabling SSI via htaccess
• Blocking users by IP
• Blocking users/ sites by referrer
• Blocking bad bots and site rippers (aka offline browsers)
• Change your default directory page
• Redirects
• Prevent viewing of htaccess
• Adding MIME types
• Preventing hot linking of your images and other file types
• Preventing directory listing
• Conclusion and more information

Adding MIME types