htaccess file should be configured correctly to tell Apache to receive-send response for cross origin site.
For e.g. we've site www.mysite.com and www.subdomain1.mysite.com. Now we want to send-receive data from subdomain1. In this case we should configure htaccess properly otherwise response will always be sent to mysite domain even when request is from subdomain1.
Just add these following line of code inside the htaccess and you're done :)
----------------------------
<IfModule mod_headers.c>
Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
</IfModule>
----------------------------
Saturday, December 12, 2015
htaccess protection for file - directory or website.
Sometimes we need to protect our development/ staging site from indexing of search engines or anonymous visits. Also we should protect from directory browsing i.e. we don't want to list down all files we've stored. In this case we should take help of Apache by configuring httaccess file.
To configure this we do these two simple steps.
1. Creating and placing the credentials data in a file.
Here i've created a file named "htaccess-password-file"
Content inside "htaccess-password-file" is
-----------------------
nirmalya:$apr1$4vPpAb1l$jSHCl/KEuZCgeiHPoWxyz.
-----------------------
File "htaccess-password-file"is containing username along with encrypted password by seperated with ":".
2. Configuring htaccess for htaccess-password-file
At the top of the .htaccess file we'll place these following lines below -
-----------------------
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /srv/typo3/htdocs/htaccess-password-file
Require user nirmalya
-----------------------
We need to change value for "AuthUserFile" as required. This is the absolute path to file "htaccess-password-file" and "Require user" to username.
* This site http://www.htaccesstools.com/htpasswd-generator/ is useful to generate encrypted password.
To stop directory browsing we need to use these following code inside htaccess.
------------------------------
# Apache < 2.3
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
Satisfy All
</IfModule>
# Apache รข‰¥ 2.3
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
----------------------------
To configure this we do these two simple steps.
1. Creating and placing the credentials data in a file.
Here i've created a file named "htaccess-password-file"
Content inside "htaccess-password-file" is
-----------------------
nirmalya:$apr1$4vPpAb1l$jSHCl/KEuZCgeiHPoWxyz.
-----------------------
File "htaccess-password-file"is containing username along with encrypted password by seperated with ":".
2. Configuring htaccess for htaccess-password-file
At the top of the .htaccess file we'll place these following lines below -
-----------------------
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /srv/typo3/htdocs/htaccess-password-file
Require user nirmalya
-----------------------
We need to change value for "AuthUserFile" as required. This is the absolute path to file "htaccess-password-file" and "Require user" to username.
* This site http://www.htaccesstools.com/htpasswd-generator/ is useful to generate encrypted password.
To stop directory browsing we need to use these following code inside htaccess.
------------------------------
# Apache < 2.3
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
Satisfy All
</IfModule>
# Apache รข‰¥ 2.3
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
----------------------------
Subscribe to:
Posts (Atom)