Post by irko_birko » Sat Jul 15, 2017 12:15 am

Hello,
I want to prevent users from viewing and downloading all css and js files. So I put the code below in .htaccess in root directory. But the website doesn't load them.

Code: Select all

<FilesMatch "(?i)((\.css|\.js))">
 Order deny,allow
 Deny from all
 Allow from 127.0.0.1 
</FilesMatch>
I tried to add and "Allow from ::1" but again without a result.

Newbie

Posts

Joined
Fri Feb 12, 2016 1:58 am

Post by IP_CAM » Sat Jul 15, 2017 1:05 am

But anyone is able to download your Styles and Scripts, one has only
to click on the links, if looked at a Page in Browser Source Code View.
And if they could be called, they could do their Job either, I assume... :D
Ernie
--
Image

Attachments

sourcecode_view.jpg

sourcecode_view.jpg (229.67 KiB) Viewed 122 times


Ernie's OpenShop v.1.75 + OpenCart v.1.5.6.5 LIGHT Test Sites with free responsive Themes
http://www.bigmax.ch/shop/ - http://www.ebikes.li - http://www.ipc.li/shop/ - http://www.openshop.li/shop/
Image


User avatar
Guru Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by irko_birko » Sat Jul 15, 2017 1:13 am

Thenk it is not good. Isn't it bad for the security?

Newbie

Posts

Joined
Fri Feb 12, 2016 1:58 am

Post by IP_CAM » Sat Jul 15, 2017 1:44 am

Sure not, what should someone do with such Code, it's available all over the Web anyway.
And as long as it is NOT editable, from the Outside at least, it cannot be harmed either.
---
Strictly technically, one could code a Page, to make it's 'static' Source unreadable and even unusable
after downloading such PAGES, or if one tries to start/execute such a File again on a PC, as you
can see here, I was forced once to secure my Pages from just beeing copied as whole and so easy
republished again. :crazy: But it helped, at least for Newbies :D
---
http://www.everyauction.info/codepost/addons/685.html
---
But this would not work well in a Shop Envirorment, in some parts at least, where Users have to enter Data,
in order to buy something. And it's a timeconsuming task also, if every single page would have to be re-coded,
before beeing released to the Visitor !
Good Luck ;)
Ernie

Ernie's OpenShop v.1.75 + OpenCart v.1.5.6.5 LIGHT Test Sites with free responsive Themes
http://www.bigmax.ch/shop/ - http://www.ebikes.li - http://www.ipc.li/shop/ - http://www.openshop.li/shop/
Image


User avatar
Guru Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by irko_birko » Mon Jul 17, 2017 4:25 am

Thank you very much for the comprehensive explanation, Ernie !

Newbie

Posts

Joined
Fri Feb 12, 2016 1:58 am
Who is online

Users browsing this forum: DigitCart and 48 guests