2
I have developed a website which has a structure that can be summarised as:
htdocs
.htaccess
...
wp-content
...
uploads
...
Private
.htaccess
...
I need to access files in the Private directory from a Members Only within the website, but protect them from direct access. For example, if I enter the following in a web browser I can access a document directly:
http://www.Mywebsite.com/wp-content/uploads/Private/Admin-Accounts.xls
I thought this could be solved by including the following in the Private/.htaccess file:
order deny,allow
deny from all
However, it doesn't seem to matter what is in the Private/.htaccess file, I can still directly access files in the Private directory. The contents of the .htaccess file in the root directory seem to over-rule. If I search the site I find .htaccess files in numerous directories. What defines which one is in use?