I have a website which logs the users activity on a text file. But then when I enter www.mywebsite.com/textfile.txt I can clearly see the contents of that txt file. How do I hide this?
Use this rewrite in top of .htaccess file:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^textfile\.txt$ - [F,L]
</IfModule>
Or use directive Files:
<Files "textfile.txt">
Order Allow,Deny
Deny from all
</Files>
And for Apache 2.4+, use this:
<Files "textfile.txt">
Require all denied
</Files>
Related
here is a script for apache to disable folder access via browser:
## no access to this folder
# Apache 2.4
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
# Apache 2.2
<IfModule !mod_authz_core.c>
Order Allow,Deny
Deny from all
</IfModule>
Options -Indexes
But it does not work: https://doboda.com/wp-content/uploads/movies/
How can i block it?
This is not FTP. This is the directory listing option. You can disable it by adding this line to .htaccess:
Options -Indexes
I'm kinda new to htaccess, I'm trying to block everything but index.php, the folder public and the files it contain. I have googled around and got this so far. Its kinda working but it looks like the webserver dont have access to the files either. It opens index.php but no css,js or php files are included. I can also go to domain.com/folder/ and get to the index page but its empty i would want it to redirect to index.php if possible. And i also have no clue about how to open the public folder while everything else above is set.
AuthType Basic
order allow,deny
<Files ~ "^(index\.php|)$">
Allow from all
</Files>
<Files .htaccess>
Order Allow,Deny
Deny from all
</Files>
DirectoryIndex index.php
Replace all of your code with this mod_rewrite rule in your site root .htaccess:
DirectoryIndex index.php
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/(?:index\.php$|public/|.+\.(?:jpe?g|gif|png|ico|tiff|css|js)$) [NC]
RewriteRule . - [F]
This rule will block everything except public/ folder, index.php or any other file ending with .css, .js, images etc.
I have .htaccess file:
Order deny,allow
Deny from all
# deny view files in directory
Options -Indexes
<FilesMatch "index\.php|profile\.php|newgame\.php|game\.php">
Allow from all
</FilesMatch>
It works well, I can open index.php or profile.php for url like site.com/index.php. But I can't open site for url site.com. Why? I give access to index.php. Isn't site.com the same of site.com/index.php. How to change .htaccess file to take into account this situation?
UPDATE
apache2.conf contains:
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
You need to configure apache to recognize index.php as index file.
Add
DirectoryIndex index.php
While I'm confident this has been asked and answered somewhere, my Google and SO searches have not helped me solve what seems like a fairly easy problem.
The goal:
Deny access to ALL file types except images.
Current .htaccess file:
<Files *.*>
Order Deny,Allow
Deny from all
</Files>
<FilesMatch "\.(jpg|png|gif|jpeg|JPG|PNG|GIF|JPEG)$">
Order Deny,Allow
Allow from all
</FilesMatch>
I still cannot (via the browser) access any image files, with a "403 Forbidden" error.
Questions:
1. How do I make this work properly without rewrite rules?
2. Can I combine Files and FilesMatch rules like this?
3. Are the FilesMatch rules case sensitive?
You can easily achieve this via mod_rewrite rules:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule !\.(jpe?g|png|gif)$ - [NC,F]
Using FilesMatch you could do this:
Order deny,allow
# first deny all files
<Files *>
deny from all
</Files>
# then allow all image files
<FilesMatch "(?i)\.(jpe?g|png|gif)$">
allow from all
</FilesMatch>
I want to make short url's in my web for ex:
change this url:
www.site.com/somepage.php
www.site.com/text.php?id=123
to this:
www.site.com/somepage
www.site.com/text/123
I tried alot of example from answers here and nothing work, I dont konw what I'm doing worng.
my default htaccess file is:
<IfModule mod_suphp.c>
suPHP_ConfigPath /home/user/php.ini
<Files php.ini>
order allow,deny
deny from all
</Files>
</IfModule>
# Use PHP5 as default
AddHandler application/x-httpd-php5 .php
What I need to do for making it work?
You have to define a rule and active the URL Rewriting :
#URL Rewriting
RewriteEngine on
RewriteRule ^somepage$ /somepage.php [L]
#Your code
<IfModule mod_suphp.c>
suPHP_ConfigPath /home/user/php.ini
<Files php.ini>
order allow,deny
deny from all
</Files>
</IfModule>
# Use PHP5 as default
AddHandler application/x-httpd-php5 .php