Readable .htaccess

[au8ust]

Hi,

I need help with my server. It seems that my .htaccess file (even .htpasswd) is readable by anyone. This shouldn't be happen.

Any idea for this?

Thanks!

 

[floyd]

So you are saying that everyone has permission to read it. Change the permissions on it.

 

[au8ust]

Thanks floyd for your reply! I did that already, my hosting provider also changed the permission for me. However, when I turn off the public read permission. It seems that my mod_rewrite rules aren't working anymore.

 

[floyd]

A quick google (google answers most everything) search resulted in this:

The process of preventing your htaccess file from being read is an incredibly easy one that requires four short lines of code to be placed into the htaccess file itself. The code required is as follows:

<Files .htaccess>
order allow,deny
deny from all
</Files>

Give that a try.

 

[au8ust]

Thank you! I really approciated your help. However, it still not working It seems that something wrong with my server configurations. It only happens to a certain domain. I did a test on other domains and they seem not able to view thier .htaccess on those domains.

Any idea?

Thanks a lot!

 

[au8ust]

Ah...! I found the root of problem now.

It's due to the geoip code I've added.

<IfModule mod_geoip.c>
 GeoIPEnable On
 GeoIPOutput All
 GeoIPDBFile /usr/local/share/GeoIP/GeoIP.dat
</IfModule>


<Location />
SetEnvIf GEOIP_COUNTRY_CODE DE BlockCountry=1
SetEnvIf GEOIP_COUNTRY_CODE RU BlockCountry=1
SetEnvIf GEOIP_COUNTRY_CODE TR BlockCountry=1
SetEnvIf GEOIP_COUNTRY_CODE LT BlockCountry=1
Deny from env=BlockCountry
</Location>

I put the above code withing <VirtualHost> and that causing .htaccess readable by public.