Block XML on main directory, unblock in an app directory.

[Mendex]

Hello All,

I've encountered a problem.

I'm using GetSimple for my company's website. I really like it, for our intranet i've installed eGroupware on a subdirectory so our main site is in:

http://codexsoluciones.com.mx while our intranet is in http://codexsoluciones.com.mx/intracodex

I'm using fancy URLs.

The problem I'm having is (this is what I believe at least) the .htaccess files denies the reading of .xml files on all subdirectories and the intranet app can't see its own xmls as they all turn up a 404 even though they exist.

I've tried several Apache tutorials and help pages and I always end up with a 500 error :/

Has anyone encountered this type of problem? Is there a way to Deny the xmls in all except the intracodex subdirectory (recursive)?

Any help or insight will be much appreciated.

Best Regards,

Mendex

[Carlos]

A quick solution could be removing all this from your root .htaccess:

Code:

# blocks direct access to the XML files - they hold all the data!
<Files ~ "\.xml$">
    Order allow,deny
    Deny from all
    Satisfy All
</Files>
<Files sitemap.xml>
        Order allow,deny
    Allow from all
    Satisfy All
</Files>

If your data and backups directories have their own deny .htaccess files (they should, if you haven't removed them), it's not really necessary to have those lines (kind of a double protection)

[Mendex]

Thank you for your answer Carlos.

I removed it. But now I get a 500 Error en every page except the main page.

Again Thanks.

Mendex

A quick solution could be removing all this from your root .htaccess:

Code:

# blocks direct access to the XML files - they hold all the data!
<Files ~ "\.xml$">
    Order allow,deny
    Deny from all
    Satisfy All
</Files>
<Files sitemap.xml>
        Order allow,deny
    Allow from all
    Satisfy All
</Files>

If your data and backups directories have their own deny .htaccess files (they should, if you haven't removed them), it's not really necessary to have those lines (kind of a double protection)

[shawn_a]

Then you removed more than your were supposed to i imagine.

[Mendex]

Shawn, thank you for your answer.

This is what the htaccess file looks like after I removed the file directives:

------------------------------------

AddDefaultCharset UTF-8
Options -Indexes

RewriteEngine on

# Usually it RewriteBase is just '/', but
# replace it with your subdirectory path
RewriteBase /

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule /?([A-Za-z0-9_-]+)/?$ index.php?id=$1 [QSA,L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule /?([A-Za-z0-9_-]+)/?$ index.php?id=$1 [QSA,L]

[shawn_a]

looks like you have that last rule block twice

Ideally you would not have gs mixed in with other directories, and therefore not have this problem.
gs should be in a subdirectory, so its htaccess only applies it it and not your doc root.

[Mendex]

That worked!

For reference, the htaccess File that worked:
-----------------------------------------------------------------------
AddDefaultCharset UTF-8
Options -Indexes

RewriteEngine on

# Usually it RewriteBase is just '/', but
# replace it with your subdirectory path
RewriteBase /

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule /?([A-Za-z0-9_-]+)/?$ index.php?id=$1 [QSA,L]
---------------------------------------------------------------------

Big thanks Shawn and Carlos for your time an patience.

Best Regards,

Mendex

[shawn_a]

like i said ideally you do not do this.

If you want to mix your gs in with a static site, you can just use a subpath.

Code:

RewriteBase /

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule /?([A-Za-z0-9_-]+)/?$ SUBDIR/index.php?id=$1 [QSA,L]

Then your gs install is vrigin without other crap inside it. And noone is the wiser that it is in a subdir.
And siteurl set to base domain. This is al in the wiki i think.