MaRiOsGR66

Well-Known Member
Feb 18, 2011
111
1
68
cPanel Access Level
Root Administrator
Is there any way (to be enabled via cpanel) to allow the usages of .htaccess files only for the public_html directory and not any subdirectory under public_html ?
 

quietFinn

Well-Known Member
Feb 4, 2006
1,222
87
178
Finland
cPanel Access Level
Root Administrator
Is there any way (to be enabled via cpanel) to allow the usages of .htaccess files only for the public_html directory and not any subdirectory under public_html ?
No, it is not possible.
 

MaRiOsGR66

Well-Known Member
Feb 18, 2011
111
1
68
cPanel Access Level
Root Administrator
well acctually it is, I've finally found it

Server Configuration »
Tweak Settings »
System »
Depth to recurse for .htaccess checks [?]

The maximum number of directories deep to look for .htaccess files when doing .htaccess checks. Values higher than 100 are discouraged.
 

quietFinn

Well-Known Member
Feb 4, 2006
1,222
87
178
Finland
cPanel Access Level
Root Administrator
well acctually it is, I've finally found it

Server Configuration »
Tweak Settings »
System »
Depth to recurse for .htaccess checks [?]

The maximum number of directories deep to look for .htaccess files when doing .htaccess checks. Values higher than 100 are discouraged.
Right, I stand corrected :eek:
 

quietFinn

Well-Known Member
Feb 4, 2006
1,222
87
178
Finland
cPanel Access Level
Root Administrator
I believe I must correct myself again.
This setting WHM-> Server Configuration-> Tweak Settings-> System-> Depth to recurse for .htaccess checks
does not what MaRiOsGR66 is asking for.

This setting is used by cPanel itself when it is checking .htaccess files, for example when you run EasyApache.

In Apache documentation I couldn't find a setting for this kind of limit.
 

MaRiOsGR66

Well-Known Member
Feb 18, 2011
111
1
68
cPanel Access Level
Root Administrator
"This setting is used by cPanel itself when it is checking .htaccess files, for example when you run EasyApache."

thats explains it, I though it would be a measure of security for the web server, but it is for cpanael owns usage then
its a different thing.

but why would cpanel do that kind of check ? even for easyapache ? what is the purpose?

- - - Updated - - -

Could I be nosey here and ask the reason you'd want to do this?

Thanks! :)
sometimes through vulnerable scripts they upload .htaccess that give the right to execute other things,
as a added measure I thought that would help.
 

quietFinn

Well-Known Member
Feb 4, 2006
1,222
87
178
Finland
cPanel Access Level
Root Administrator
but why would cpanel do that kind of check ? even for easyapache ? what is the purpose?
I don't remember exactly, but it is searching for AddHandler directives and changing or removing them if they do not match installed PHP version.
 

MaRiOsGR66

Well-Known Member
Feb 18, 2011
111
1
68
cPanel Access Level
Root Administrator
btw I've found what I was looking for here:

/http://catn.com/vcluster/htaccess-revisited/

Preventing recursive overrides

Preventing recursive overrides is quite straightforward. Simply add something like the following to your <VirtualHost> configuration:

# Allow overrides in the document root
<Directory /path/to/docroot>
AllowOverride All
</Directory>

# Disable overrides below the document root
<Directory /path/to/docroot/*>
AllowOverride None
</Directory>