[mod_python] Question.

Patrick Percot ppercot at free.fr
Mon Jun 7 11:22:01 EDT 2004 

On Sun, 06 Jun 2004 23:30:24 -0500, Jon-Pierre Gentil <jgentil at sebistar.net> wrote

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 

Hi,

> My program imports other modules.  I wish to place these modules outside
> of the area that Apache can "serve" them, so that a malicious or curious
> user cannot enter, for example,  www.foo.com/modulecode.py and either
> view or execute the module.  Is there a way to move these below my
> documentroot and have mod_apache still import them? 

You can add this in your httpd.conf

	<Files *>
		PythonPath "sys.path + ['/path/to/my/hidden/modules']"
	</Files>

And store your code in this path (/path/to/my/hidden/modules). 

You can also add a .htaccess  file in all the directories you don't want
Apache to display the content. Put these lines in .htaccess :

Order Allow,Deny
Deny from All

À+
PP
-- 
Groupe Morbihannais d'Utilisateurs de Logiciels Libres http://www.tuxbihan.org
Identifiant Jabber: pp at amessage.de
GPG fingerprint = 1A4F E154 3D2C A20E E4CA  A543 7951 C5C2 E44A A0B5

Patrick Percot.

More information about the Mod_python mailing list