Jump to content

Prevent template files from being downloaded

jclarke

By jclarke
in General Discussion

 Share

Recommended Posts

jclarke Senior Member

jclarke

Posted
Posted

Since WHMCS puts its templates in a publicly accessible location, if don't tell apache to block visitors from seeing these files, anyone can download/view your template files. If you have any custom tweaks to your template files and you don't want others to be able to view them, just add the following to your .htaccess file in the root of your WHMCS installation.

 

<Files ~ "\.tpl$">
Order allow,deny
Deny from all
</Files>

0
Link to comment
Share on other sites
disgruntled Senior Member

disgruntled

Posted
Posted
Since WHMCS puts its templates in a publicly accessible location, if don't tell apache to block visitors from seeing these files, anyone can download/view your template files. If you have any custom tweaks to your template files and you don't want others to be able to view them, just add the following to your .htaccess file in the root of your WHMCS installation.

 

<Files ~ "\.tpl$">
Order allow,deny
Deny from all
</Files>

 

 

This would be better done from within the server configs, htaccess can be bypassed

0
Link to comment
Share on other sites
laszlof Senior Member

laszlof

Posted
Posted
This would be better done from within the server configs, htaccess can be bypassed

 

Theres no way (that I know of) to bypass Deny from all statements in .htaccess files. Apache treats .htaccess files just as it treats statements in the main httpd.conf file (with a few restrictions on usage).

 

Now if you're talking about authentication via .htaccess (Auth Basic), thats a different story.

0
Link to comment
Share on other sites
disgruntled Senior Member

disgruntled

Posted
Posted
Now if you're talking about authentication via .htaccess (Auth Basic), thats a different story.

 

I am, but there are always new ways i put no faith in htaccess at all to be fair, i use it for simple things that need url rewrites or compression but nothing critical

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept