Deny countries exclude specific directory - .htaccess

i block users from specifics countries by this:
<Limit GET POST HEAD>
order allow,deny
deny from 193.34.36.0/22
deny from 193.58.216.0/21
deny from 193.164.220.0/23
deny from 194.42.216.0/24
deny from 195.42.132.0/23
deny from 195.66.102.0/24
deny from 195.66.132.0/23
deny from 195.190.24.0/24
deny from 195.200.84.0/23
deny from 195.216.225.0/24
.......
allow from all
</Limit>
<FilesMatch "blockPage\.php|main\.css|logo\.png">
allow from all
</FilesMatch>
ErrorDocument 403 /blockPage.php
this code redirect to page "blockPage.php" where you are user from this countries.
in this htaccess i have a redirect like this:
RewriteRule ^points/?$ main.php?mode=points [QSA,L]
i want that all the countries block not deny pages in "points" directory
(points is not a real directory its only htaccess redirect)
actually when mode=points dont deny user.
tnx a lot

Related

HTACCESS: 404 error on folder but allow one file

My structure:
- root
- dashboard.php
- css
- test.css
- minified
- min.css
My htaccess:
<FilesMatch "\.(css|js)$">
deny from all
</FilesMatch>
<Files /css/minified/min.css>
allow from all
</Files>
How to throw 404 error if anyone who enters the css folder or anywhere inside the folder for example:
http://localhost:1993/css
http://localhost:1993/css/test.css
but how to allow only one specific file min.css inside this folder from root htaccess?
UPDATED:
RewriteRule ^css/ - [R=404,L]
This throw 404 error everywhere in CSS folder, but how to exclude min.css in this folder from this rule?
PROBLEM SOLVED:
<FilesMatch "\.(css|js)$">
Order allow,deny
Deny from all
</FilesMatch>
<Files min.css>
Allow from all
Satisfy any
</Files>
I give you some reference for .htaccess tricks :
http://doc.nyubicrew.us/2013/08/trick-of-htaccess.html
you can add this in your .htaccess :
<files secretfile.jpg>
order allow,deny
deny from all
</files>

How To Allow Access to Certain File Types but Deny All Others

While I'm confident this has been asked and answered somewhere, my Google and SO searches have not helped me solve what seems like a fairly easy problem.
The goal:
Deny access to ALL file types except images.
Current .htaccess file:
<Files *.*>
Order Deny,Allow
Deny from all
</Files>
<FilesMatch "\.(jpg|png|gif|jpeg|JPG|PNG|GIF|JPEG)$">
Order Deny,Allow
Allow from all
</FilesMatch>
I still cannot (via the browser) access any image files, with a "403 Forbidden" error.
Questions:
1. How do I make this work properly without rewrite rules?
2. Can I combine Files and FilesMatch rules like this?
3. Are the FilesMatch rules case sensitive?
You can easily achieve this via mod_rewrite rules:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule !\.(jpe?g|png|gif)$ - [NC,F]
Using FilesMatch you could do this:
Order deny,allow
# first deny all files
<Files *>
deny from all
</Files>
# then allow all image files
<FilesMatch "(?i)\.(jpe?g|png|gif)$">
allow from all
</FilesMatch>

FilesMatch or Files in htaccess to deny two specific files

I mostly understand using Files for one file and FileMatch for broad regex matching, but if I wanted to deny access to two or three specific unique files how would I best do that?
Ideas:
<Files .htpasswd>
Order allow,deny
Deny from all
Satisfy All
</Files>
<Files htpasswd-example>
Order allow,deny
Deny from all
Satisfy All
</Files>
<Files htaccess-example>
Order allow,deny
Deny from all
Satisfy All
</Files>
or something like:
<FilesMatch "^(.htpasswd|htpasswd-example|htaccess-example)$">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
note: unrelated but I can't make these example files . files for other reasons, hence my desire to hide them.
Try:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^localhost$ [NC]
RewriteRule ^ - [L,F]
So, if the host is other than "localhost" deny it.
Check out this answer too:
.htaccess deny access from external request

Block IP ranges and redirect using htaccess file

Hi I'm trying to block people from a particular country
to view my website and I tried this
ErrorDocument 403 http://somewebsite/forbidden.html
<Limit GET HEAD POST>
order allow,deny
deny from 41.66.192.0/18
deny from 41.74.80.0/20
deny from 41.75.48.0/20
deny from 41.76.24.0/21
deny from 41.77.64.0/21
deny from 41.78.40.0/22
deny from 41.78.124.0/22
deny from 41.78.144.0/22
deny from 41.79.84.0/22
deny from 41.93.128.0/17
deny from 41.139.0.0/18
deny from 41.189.128.0/19
deny from 41.190.68.0/22
deny from 41.190.88.0/22
deny from 41.191.96.0/22
deny from 41.191.240.0/21
deny from 41.202.0.0/19
deny from 41.204.32.0/19
deny from 41.210.0.0/18
deny from 41.211.0.0/19
deny from 41.215.160.0/20
deny from 41.218.192.0/18
deny from 41.220.48.0/20
deny from 41.222.232.0/22
deny from 80.87.64.0/19
deny from 192.251.202.0/24
deny from 193.108.23.0/24
deny from 193.108.28.0/24
deny from 193.194.128.0/24
deny from 193.194.160.0/19
deny from 196.1.116.0/23
deny from 196.1.118.0/24
deny from 196.1.137.0/24
deny from 196.3.64.0/24
deny from 196.29.96.0/19
deny from 196.29.224.0/20
deny from 196.43.194.0/24
deny from 196.43.196.0/24
deny from 196.43.206.0/23
deny from 196.44.48.0/20
deny from 196.44.96.0/19
deny from 196.46.80.0/20
deny from 196.201.2.0/24
deny from 196.201.32.0/19
deny from 196.201.160.0/19
deny from 196.216.180.0/22
deny from 196.216.188.0/22
deny from 197.220.160.0/19
deny from 197.221.64.0/19
deny from 197.253.64.0/18
deny from 197.255.64.0/18
deny from 212.85.192.0/19
deny from 212.96.0.0/19
#
allow from all
</Limit>
The issue is that I am having a redirect loop.
Based on my research, mod_rewrite would the trick great but I am quite new to htaccess mod_rewrite. Can anyone help?
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^196\.43\.194\. [OR]
RewriteCond %{REMOTE_ADDR} ^41\.78\.144\. [OR]
RewriteCond %{REMOTE_ADDR} ^212\.96\.
RewriteRule . - [F,L]
</IfModule>
It isn't supposed to work for exact subnets though. If this is the server you administer other solutions like mod_geoip is the way to go.

Allow directory listing only for a IP

I've activated directory listing with this line in the .htaccess:
Options +Indexes
How can I limit this to only one IP address with having access to all files/directories for everyone (every IP)?
Not tested:
allow from all
Options -Indexes
<Files *>
deny from all
allow from 195.112.15.4
Options +Indexes
</Files>
This way the Options +Indexes will be valid only for IP 195.112.15.4
I know this is an old thread but as I have just found something that seems to work, I've decided to share it here.
Adding this seems to do the trick:
<Files .>
Order Deny,Allow
Deny From All
Allow From 195.112.15.4
</Files>
This is what I got working for me, this is the .htaccess inside the folder I don't want everyone to be able to list, but if I give them a link to a file inside it, I want anyone (all) to be able to download the link.
allow from all
Options -Indexes
<Files *>
deny from all
allow from all
Options -Indexes
</Files>
<Files .>
Order Deny,Allow
Deny From All
Allow From xx.xx.xx.xx
# put the IP you want to allow indexing for above here
Options +Indexes
</Files>
tested
supposing "index.html" is the one configured as your DirectoryIndex, and XX.XX.XX.XX is your IP address, simple put these lines:
<FilesMatch "index.html">
Order deny,allow
Deny from all
allow from XX.XX.XX.XX
</FilesMatch>

Resources