1

I am a php developer and have recently decided to make one of my Magento extensions commercial. I have downloaded and configured MageParts CEM Server and that is all working perfectly in regard to licencing and delivery of module packages. The only issue is that the directory that the packages are stored in could be accessed by anyone. I tried this in a .htaccess file, but now it is not working. 

<Files services.wsdl>
allow from all
</Files>

deny from all

Clients are receiving a 403 Forbidden response. Have I done something wrong in the .htaccess file or would there be a better way to secure the directory?

Any help would be greatly appreciated.

Jack
  • 25
  • 2
  • 5

2 Answers2

0

You should also use "Order Deny,Allow" directive. Apache's allow/deny directives a somewhat tricky to understand. http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#order

gelraen
  • 2,311
  • 20
  • 19
  • Thanks for the tip. I tried this but it made no difference. Would it be possible for you to post an example? – Jack Jan 17 '11 at 12:05
  • Order deny,allow allow from all Deny from all – gelraen Jan 17 '11 at 12:28
  • Thanks for the example but this is still producing the same error. – Jack Jan 17 '11 at 13:25
  • Just checked: http://pastebin.com/RyWS05iP – gelraen Jan 17 '11 at 14:35
  • Looks a bit ugly. "Conflict" may be if "services.wsdl" is not really existing file. directive controls access to filesystem, so if it is rewrited to other filename you should allow access to that file or use directives instead. – gelraen Jan 17 '11 at 14:53
0

How about

deny from all

<Files services.wsdl>
    allow from all
</Files>

?

Phliplip
  • 531
  • 8
  • 21