i am sorry if this question has been ask before.
I have a folder that look like: project/version/download.zip
but the thing is i have multiple project folder and with multiple version folder
where I have a few files that i do not want anyone to access to in version folder but i want to allow user to access to download.zip
my question is how do i block access to other files but allow user to download the zip?
as for the file is just a File type.
or should i just transfer the zip file to some other folders and put deny from all in the project folder?
Please advice ^^ thank you
if your folder where your zip file resides, try adding .htaccess file with following in it:
Order Allow,Deny
Deny from all
<FilesMatch "\.zip$">
Order Deny,Allow
Allow from all
</FilesMatch>
Assuming you don't have .htaccess files in your version folders yet. If you have mod_rewrite enabled you should be able to do something like this:
First add a .htaccess file to the version folder. Add the following to that file
RewriteCond %{REQUEST_URI} !(download\.zip|grumpycat\.png)$
RewriteRule ^ [F,L]
Since the .htaccess file is in the version folder, all filenames are automatically prefixed with version/. It will block access to all files in that folder, and subfolders without .htaccess, except for download.zip and grumpycat.png. You can simpy copy and paste this file in any subfolder you want to restrict access to.
Alternativelly, if you alter the code slightly, you can instead make a .htaccess in your document root. You would do something like this:
RewriteCond %{REQUEST_URI} ^/(version|version1337|version9001)
RewriteCond %{REQUEST_URI} !(download\.zip|grumpycat\.png)$
RewriteRule ^ [F,L]
Now the requested url must begin with version, version1337 or version9001 and must not end with one of those filenames to trigger the forbidden error. Otherwise the file will be shown.
Related
I have my files in the root directory on 000webhost. This is the public_html folder. In the example given in the link below, the files in a folder are prevented from direct access.
Deny access to all files in a directory unless a specific php page is referrer
I would like to keep all my files in the root directory public_html rather than putting some in a separate folder. I also would like to prevent direct access to any file except for login.php, which I intend to login to my home page home.php. How would I go about changing the last line from the above link to refer to my root directory instead of a sub folder, and add exception to login.php?
RewriteEngine On
RewriteCond %{HTTP_REFERER} !login.php
RewriteRule ^uploads/downloads/ - [L,R=404]
I would like to modify the third line RewriteRule ^uploads/downloads/ - [L,R=404] so that
Instead of referencing the folder uploads/downloads/ I reference my root directly public_html in 000webhost, because all my files are placed there for convenience.
I add exception to my login page login.php, so that my login.php can be directly access while no other file can be directly accessed.
I am working on a new website and I want the following url /newsite/products to redirect to /newsite/products/product.php.
My .htaccess file is as follows:
RewriteEngine On
RewriteRule ^newsite/products$ /newsite/products/product.php
My problem is that there is already a folder called products within newsite and when requesting newsite/products it tries to open that folder rather than go to the php file.
I get:
Forbidden
You don't have permission to access /newsite/products/ on this server.
Is there any way to make this work?
EDIT: Requested url is: http://example.com/newsite/products and location of .htaccess is in root.
You need to turn off the directory slash to rewrite your file :
Try :
DirectorySlash off
RewriteEngine On
RewriteRule ^newsite/products$ /newsite/products/product.php [NC,L]
Don't add a trailing slash in rule pattern
/newsite/products
will rewrite to
/newsite/products/product.php
and
/newsite/products/
will open your "products" directory
Note- this is not a safe solution, if you remove the rule and DirectorySlash is off, Your index file will be ignored ,all directories will start listing files and folders.
I just installed CodeIgniter 3 and it seems that JS,CSS and images should be placed OUTSIDE Application folder. If not, link to those files does not run.
For many reasons I would like to have these kind of files inside application/views folder. I think that I should correctly set .htaccess file, but I would also like to "lower my defenses less possible".
What do you suggest?
All you need to do is in the application folder .htaccss change deny all to allow all and then make sure you auto load url helper and the call your folder from where ever you want.
Update you could try this code in application/.htaccess
RewriteEngine on
RewriteCond $1 !^(index\.php|assets|assets/css|assets/js|assets/ficheros|assets/img|robots\.txt)
RewriteRule ^(.*)$ index.php/$1 [L]
rename assets folder to what you want if using xampp/wampp etc do not for get to stop and then restart it. Of course when paste code do not for get to remove the deny all.
Its simple, just delete the contens inside the .htaccess file. It worked for me.
Consider these files structures on web root directory :
files/1/1.jpg
files/1/2.jpg
files/2/1.jpg
files/2/3.jpg
files/3/6.jpg
files/3/8.jpg
files/4/1.jpg
I want to deny access to files inside folder 2 and 3 using htaccess file that exists in web root directory. I try but nothing happend. Here's the code I used:
<FilesMatch "(2|3)\/*$" >
Order deny,allow
Deny from all
</FilesMatch>
Would you correct my mistake?
Thank you.
If your htaccess file is in your web root, and the files directory is also in the web root, you won't be able to match against files in another (sub)directory. You can either try putting the <FilesMatch> in an htaccess file in the files directory, or you can use mod_rewrite in the htaccess file in your web root:
RewriteEngine On
RewriteRule ^files/(2|3)/ - [F,L]
For optimal performance using htaccess, you should create a .htaccess file in each of the directories you want to protect:
Order deny,allow
Deny from all
Ok, I'm clueless here...
I need to rewrite a directory structure and all sub-directories within it to a directory within the same server, but a root that is before the directory.
For example:
http://www.mydomain.com/Themes/default/css/folder
and all directories called upon after folder. Such as folder/sub_folder or folder/afolder/anotherfolder, it needs to include ALL sub-directories within the folder directory.
should be redirected to this:
http://www.mydomain.com
How do I do this via a .htaccess file within the folder path http://www.mydomain.com/Themes/default/css/folder?
Please someone help.
Thanks guys :)
The files within the directory structure still need to be accessible for that structure when called via PHP, but I don't want people being able to browse to http://www.mydomain.com/Themes/default/css/folder and be shown all subdirectories within that folderpath and/or all files. Same thing for all sub-directories that follow that folder path.
I'd like to be able to place the .htaccess file within the http://www.mydomain.com/Themes/default/css/folder directory on the server, but don't know exactly what code to use for this.
ALSO, even more challenging... The domain name can change, so I'd rather not use the domain name within the .htaccess file, instead perhaps use .. or . to go up a directory or a different method of grabbing the domain name within the .htaccess file.
Create a .htaccess file in /Themes/default/css/folder and place these lines there (it requires mod_rewrite):
Options +FollowSymLinks -MultiViews
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ http://%{HTTP_HOST}/ [R=301,L]
It will redirect (301 Permanent Redirect) all requests to a folder to a homepage. If file is requested, it will allow it.
If you want to have it working for folders as well as files then remove the RewriteCond line -- it will redirect ALL requests (even for non-existing URLs) to a homepage.
If you will see "500 Internal Server Error" after creating such file, then it is your server configuration: mod_rewrite may not be enabled or it's directives (RewriteRule, RewriteCond, RewriteEngine) are not allowed to be placed in .htaccess. In any case -- check Apache's error log for exact error message (it will give you the exact reason).
http://www.besthostratings.com/articles/prevent-directory-listing.html
IndexIgnore *