 - .htaccess is the default name for a file that is used to indicate who can or cannot access the contents of a specific file directory from the Internet or an intranet. The .htaccess file is a configuration file that resides in a directory and indicates which users or groups of users can be allowed access to the files contained in that directory.
.htaccess was introduced as a directory-level, user authentication
method along with the original programs developed for retrieving Web pages over
the Internet, such as Hypertext Transfer Protocol daemon. When users type in a Uniform Resource Locator (the name of a Web site they want to go to), the URL
begins with "http://". This command is recognized by the underlying Web server
software program, HTTPd (for HyperText Transfer Protocol daemon). (A daemon is a program that sits waiting for requests for other programs.)
The main access control file used by HTTPd is the global access configuration file, which often resides at the root directory of the HTTPd server. .htaccess files
are additional, directory-level access control files used by HTTPd.
When the HTTPd server receives a user's request for a document, it looks in
the document's own directory, as well as higher up in the chain of directories
for these types of access control files. If it finds .htaccess, it will
look there to see whether or not the user is allowed to access the file. Based
on the information it finds, it may ask the user for his or
her user name and password first, before sending the requested document.
.htaccess is the default file name used by HTTPd when no other name
has been indicated in the HTTPd server's resource configuration file,
srm.conf. Another file name can be specified in this file, under the
AccessFileName <file>line, where <file>
would normally indicate .htaccess or another name. (In Netscape
servers, this file name is called .nsconfig, and uses a different syntax
from .htaccess.)
Whether or Not to Use .htaccess
.htaccess is often used in settings where a group network
administrator wants to control who views or changes the contents of the
directories that relate to his or her groups or users. In these settings, it is
not practical or advisable to give the administrator primary access to all of
the HTTPd server's functions, and all of its other directories and configuration
files. Having the local-level control provided by .htaccess files allows more flexibility for the administrator to create and
change directory access controls, as needed.
Some disadvantages to using .htaccess files have been noted: If an organization has several hundred .htaccess files on several hundred directories, each granting or denying user access to their own contents, it is more difficult for the company's network administrators to prepare a global access or authentication strategy and keep up with changes. Also, .htaccess
files can be overwritten very easily, causing problems for users who once could
access a directory's contents, but now cannot. Finally, .htaccess files are more likely to be opened or retrieved by unauthorized users.
| CONTRIBUTORS: |
Karl Yackel |
| LAST UPDATED: |
16 May 2000
|
|
Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com
|
 |
 |
| |
RELATED GLOSSARY TERMS
| Terms from Whatis.com − the technology online dictionary |
 |
32-bit IP addressing
(SearchNetworking.com)
32-bit IP addressing is the IP address scheme used in Internet Protocol 4 (IPv6 uses a 128-bit system)... (Continued)
|
|
ARCNET
(SearchNetworking.com)
ARCNET is a widely-installed local area network (LAN) technology that uses a token-bus scheme for managing line sharing among the workstations and...
|
|
|
