My structure:
- root
- dashboard.php
- css
- test.css
- minified
- min.css
My htaccess:
<FilesMatch "\.(css|js)$">
deny from all
</FilesMatch>
<Files /css/minified/min.css>
allow from all
</Files>
How to throw 404 error if anyone who enters the css folder or anywhere inside the folder for example:
http://localhost:1993/css
http://localhost:1993/css/test.css
but how to allow only one specific file min.css inside this folder from root htaccess?
UPDATED:
RewriteRule ^css/ - [R=404,L]
This throw 404 error everywhere in CSS folder, but how to exclude min.css in this folder from this rule?
PROBLEM SOLVED:
<FilesMatch "\.(css|js)$">
Order allow,deny
Deny from all
</FilesMatch>
<Files min.css>
Allow from all
Satisfy any
</Files>
I give you some reference for .htaccess tricks :
http://doc.nyubicrew.us/2013/08/trick-of-htaccess.html
you can add this in your .htaccess :
<files secretfile.jpg>
order allow,deny
deny from all
</files>
Related
I have a website which logs the users activity on a text file. But then when I enter www.mywebsite.com/textfile.txt I can clearly see the contents of that txt file. How do I hide this?
Use this rewrite in top of .htaccess file:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^textfile\.txt$ - [F,L]
</IfModule>
Or use directive Files:
<Files "textfile.txt">
Order Allow,Deny
Deny from all
</Files>
And for Apache 2.4+, use this:
<Files "textfile.txt">
Require all denied
</Files>
I'm using SSI on my website.
I have got html files which represent my site and shtml files which I include into some of these html files using the include command of SSI.
Is there any way to deny users from seeing the shtml files which I include?
I tried the following:
<FilesMatch "\.(shtml?)$">
Order allow,deny
Deny from all
allow from 127.0.0.1
</FilesMatch>
And here is the whole part of my current htaccess file which may be important:
allow from all
<Files ~ "^\.htaccess|^README\.txt">
Order allow,deny
Deny from all
</Files>
<FilesMatch "\.(shtml?)$">
Order allow,deny
Deny from all
allow from 127.0.0.1
</FilesMatch>
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
AddOutputFilter INCLUDES .html
i block users from specifics countries by this:
<Limit GET POST HEAD>
order allow,deny
deny from 193.34.36.0/22
deny from 193.58.216.0/21
deny from 193.164.220.0/23
deny from 194.42.216.0/24
deny from 195.42.132.0/23
deny from 195.66.102.0/24
deny from 195.66.132.0/23
deny from 195.190.24.0/24
deny from 195.200.84.0/23
deny from 195.216.225.0/24
.......
allow from all
</Limit>
<FilesMatch "blockPage\.php|main\.css|logo\.png">
allow from all
</FilesMatch>
ErrorDocument 403 /blockPage.php
this code redirect to page "blockPage.php" where you are user from this countries.
in this htaccess i have a redirect like this:
RewriteRule ^points/?$ main.php?mode=points [QSA,L]
i want that all the countries block not deny pages in "points" directory
(points is not a real directory its only htaccess redirect)
actually when mode=points dont deny user.
tnx a lot
While I'm confident this has been asked and answered somewhere, my Google and SO searches have not helped me solve what seems like a fairly easy problem.
The goal:
Deny access to ALL file types except images.
Current .htaccess file:
<Files *.*>
Order Deny,Allow
Deny from all
</Files>
<FilesMatch "\.(jpg|png|gif|jpeg|JPG|PNG|GIF|JPEG)$">
Order Deny,Allow
Allow from all
</FilesMatch>
I still cannot (via the browser) access any image files, with a "403 Forbidden" error.
Questions:
1. How do I make this work properly without rewrite rules?
2. Can I combine Files and FilesMatch rules like this?
3. Are the FilesMatch rules case sensitive?
You can easily achieve this via mod_rewrite rules:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule !\.(jpe?g|png|gif)$ - [NC,F]
Using FilesMatch you could do this:
Order deny,allow
# first deny all files
<Files *>
deny from all
</Files>
# then allow all image files
<FilesMatch "(?i)\.(jpe?g|png|gif)$">
allow from all
</FilesMatch>
I mostly understand using Files for one file and FileMatch for broad regex matching, but if I wanted to deny access to two or three specific unique files how would I best do that?
Ideas:
<Files .htpasswd>
Order allow,deny
Deny from all
Satisfy All
</Files>
<Files htpasswd-example>
Order allow,deny
Deny from all
Satisfy All
</Files>
<Files htaccess-example>
Order allow,deny
Deny from all
Satisfy All
</Files>
or something like:
<FilesMatch "^(.htpasswd|htpasswd-example|htaccess-example)$">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
note: unrelated but I can't make these example files . files for other reasons, hence my desire to hide them.
Try:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^localhost$ [NC]
RewriteRule ^ - [L,F]
So, if the host is other than "localhost" deny it.
Check out this answer too:
.htaccess deny access from external request