Hi,
As part of one our system's we enable a user in the backoffice to add a block of 301 redirects should they need to. This is just a textarea which then populates a specific area of a .htaccess file. As much as this may seem insecure it has only previously used internally by people who know what they are doing but for various reasons they cannot access the specific file. We need now to allow more access to this function, not for the general public, but for people that probably have far less knowledge of regexp etc and syntax in htaccess files. Obviously the major concern here is the user enters some bad syntax and makes their entire site, including the backoffice where they could fix the issue, totally inaccessible without manual intervention. What approaches can i take to make sure that they do not break their site? A htaccess syntax check? copy the file elsewhere and check it doesnt generate a 500 error (with cURL or similar)?. Would welcome any ideas.
Thanks.