Exclude directory from eZ Web site

Author Message

PO Michel

Monday 26 November 2007 1:16:33 am

Hello all,

I have eZPublish 3.8.6 setup on a Apache 2.0 server via a Virtualhost.

I would like to install two HTML files in a subdirectory of the eZ tree and avoid theses pages to be manages by eZ. I would also like to protect access to these files with a HTTP login/pwd.

Here is my Virtualhost setup :

<VirtualHost *:80>
ServerName qualite.tpg.ch
ServerAdmin root@tpg.ch
<Directory "/var/www/tpg">
Options FollowSymLinks Indexes ExecCGI
AllowOverride All
</Directory>
DocumentRoot /var/www/tpg
ServerSignature email
DirectoryIndex index.php index.html index.htm index.shtml
LogLevel warn
HostNameLookups off
Redirect permanent /tpg/ http://qualite.tpg.ch/
Redirect permanent /index.php/tpg_admin http://qualite.tpg.ch:81
Redirect permanent /phpmyadmin http://anubis:8181
# Rapport Annoni
<Directory "/var/www/tpg/fr/presse/access_securise">
Order Allow,Deny
Allow from All
Options FollowSymLinks -Indexes
AllowOverride All
</Directory>

RewriteEngine On

RewriteRule !(^/fr/presse/access/securise/.*$) - [L]
Rewriterule ^/data/.* - [L]
Rewriterule ^/flash.swf - [L]
Rewriterule ^/var/storage/.* - [L]
Rewriterule ^/var/[^/]+/storage/.* - [L]
RewriteRule ^/var/cache/texttoimage/.* - [L]
RewriteRule ^/var/[^/]+/cache/texttoimage/.* - [L]
Rewriterule ^/design/[^/]+/(stylesheets|images|javascript)/.* - [L]
Rewriterule ^/share/icons/.* - [L]
Rewriterule ^/extension/[^/]+/design/[^/]+/(stylesheets|images|javascripts?)/.* - [L]
Rewriterule ^/packages/styles/.+/(stylesheets|images|javascript)/[^/]+/.* - [L]
RewriteRule ^/packages/styles/.+/thumbnail/.* - [L]
RewriteRule ^/favicon\.ico - [L]
RewriteRule ^/robots\.txt - [L]
RewriteRule .* /index.php
</VirtualHost>

The directory I want to exclude is /fr/presse/access/securise.

I have setup a .htaccess file at this directory's root :

AuthUserFile /var/www/tpg/fr/presse/acces_securise/.users
AuthGroupFile /dev/null
AuthName "Acces securise"
AuthType Basic
<LIMIT GET POST>
Order deny,allow
Deny from all
Require valid-user
</LIMIT>

When I try to access the URL : http://qualite.tpg.ch/fr/presse/access_securise/NRPE.pdf
, I get a 403 error.

The Apache logs tells :

client denied by server configuration: /var/www/tpg/fr/presse/access_securise

Any idea ?

Many thanks,

PO

Stefan de Bruijn

Monday 26 November 2007 6:47:44 am

The Ez Publish bit seems O.K. to me, and the error is from apache.

I think you should remove:

Order deny,allow
Deny from all

You are denying access from anyone.

PO Michel

Monday 26 November 2007 6:52:36 am

Hi,

I have tried

Order Allow,Deny
Allow from all

and I get the same 403 error after restarting Apache.

Stefan de Bruijn

Monday 26 November 2007 7:08:11 am

But have you tried removing? For combining 2 types of access control, you should use the satisfy directive.
I found some explanation on http://www.egr.msu.edu/decs/web/htaccess.php#combine.

PO Michel

Tuesday 27 November 2007 7:05:14 am

Hi,

I have tried any find of combinatio but I have never prompted for a username and password.

I have a virtual host configured like the following :

<VirtualHost *:80>
ServerName anubis
ServerAdmin root@tpg.ch
#DocumentRoot /DATA1/www/tpgV2
#site 3.8.6
DocumentRoot /var/www/tpg
Alias /fr/presse/acces_securise "http://anubis/access_securise"
ServerSignature email
DirectoryIndex index.php index.html index.htm index.shtml
LogLevel warn
HostNameLookups off
Redirect permanent /tpg/ http://anubis/
Redirect permanent /index.php/tpg_admin http://qualite.tpg.ch:81
Redirect permanent /phpmyadmin http://anubis:8181
<Directory "/var/www/tpg/access_securise">
Order Deny,Allow
Deny from All
Options FollowSymLinks -Indexes
AllowOverride All
</Directory>

</VirtualHost>

And if I access http://anubis/acces_securise/toto.txt, I can read the file.

That is the <Directory> directive is ignored and the .htaccess as well !

It really drives me crazy.

PO

Powered by eZ Publish™ CMS Open Source Web Content Management. Copyright © 1999-2014 eZ Systems AS (except where otherwise noted). All rights reserved.