.htaccess deny all access to a folder except from one html file - .htaccess

I have one mp3 folder that I want to protect. I'm using htaccess file match deny all, but I need access from a audio player in one especific HTML page. Is it possible to create an exception (to the deny all tag) to allow access to one especif file/domain?
Thanks

See Access Denial/Approval by Domain
<Limit GET>
order deny,allow
deny from all
allow from .yourplayerdomain.com
</Limit>

Related

Htaccess deny access to specific page for some IPs

I have this secret page:
mysite.com/secret
I don't want following bots to index this page. Here are the IPs that should be denied access:
195.154.126.0/24
195.154.127.0/24
168.119.64.245
168.119.64.246
How can I make this work?
I want to block only this page to only these IPs. These IPs should be able to access other pages.
Solution has to be within htaccess.
Add a specific section, where you deny access to the specific file for these ip addresses:
<Files "secret">
Order Allow,Deny
Deny from 195.154.126.0/24 195.154.127.0/24 168.119.64.245 168.119.64.246
</Files>
Reference:
Files: https://httpd.apache.org/docs/current/mod/core.html#files
Deny: https://httpd.apache.org/docs/current/mod/mod_access_compat.html#deny

How to limit get access to only a few folders within the same parent folder using htaccess?

I currently have the following folder structure.
/downloads/
—/contracts/
—/user_images/
—/passports/
—/applications/
.htaccess
What I would like to achieve is to restrict GET LIMIT on the contracts and passports folders while user_images and applications folders are fully accessible.
.htaccess
<Limit GET>
order allow, deny
deny from all
</Limit>
My .htaccess file is restricting all access with the downloads folder. Can anyone advise how I can access only the user_images and applicationsfolders and its content while the rest of the folders are restricted?

How to Block an IP range using .htaccess file

I want to block access of the following ips
https://gyazo.com/f41a53a1a385e41fe669064bff844a3a
i guess that comes in the range of
176.123..
so will this work ?
Order Allow,Deny
Deny from 176.123.0.0/16
Allow from all
also i have to keep this htaccess outside public_html folder ?
This should do the task
Order Allow,Deny
Deny from 176.123.0.0/16
Allow from all
and as Eric said the people within this ip rage can still access your site via a proxy server.
But if the allowed users have a particular ip range then this can sort it out
Order Allow,Deny
Deny from all
Allow from *ip range*

htaccess allow country domain

I would like to block all countries except mine which is Brunei. The domain is .bn
<Limit GET POST PUT>
order deny,allow
deny from all
allow from .bn
allow from *.bn
allow from *.*.bn
allow from *.*.*.bn
</Limit>
My Name Address: smp-85-139.simpur.net.bn so I believe the code below works:
allow from *.*.*.bn
But i still got forbidden access. Anything missing here?
I tried with IP but still blocked..
<Limit GET POST PUT>
order deny,allow
deny from all
allow from 202.152.*.*
</Limit>
My IP is 202.152.85.139
UPDATE:
It appears my web host is using nginx so this setting won't work at all if I'm right.
Here is an .htaccess allow list for Brunei Darussalam, courtesy of Country IP Blocks. The data is correct and current as of 4/20/13.
If your hosting company allows you to use .htaccess you can copy and paste the below data into an .htaccess file and load it into your root:
<Limit GET POST>
order deny,allow
allow from 61.6.192.0/18
allow from 103.4.188.0/22
allow from 103.12.208.0/23
allow from 103.16.120.0/22
allow from 103.17.24.0/22
allow from 103.18.172.0/22
allow from 103.20.24.0/22
allow from 118.103.248.0/21
allow from 119.160.128.0/18
allow from 156.31.0.0/16
allow from 158.161.0.0/16
allow from 192.94.122.0/24
allow from 202.12.26.0/24
allow from 202.59.230.0/24
allow from 202.90.36.0/24
allow from 202.93.208.0/20
allow from 202.152.64.0/19
allow from 202.160.0.0/19
allow from 202.160.32.0/20
deny from all
</Limit>

Allow safe FTP upload

I'd like to allow my friend to upload some photos for me over FTP to my server (shared host). It's a trusted friend but I'd still like to block the execution of any php or similar scripts etc.
How can I use .htaccess (in a directory above the one I allow FTP to acces) to block everything except a list of approved extensions (images) and disallow htaccess (to prevent any further modifications)?
Does such method still have security risks?
Thanks!
You should be able to use
<FilesMatch ".+">
Order Deny,Allow
Deny From All
Allow From localhost # OR WHATEVER HERE
</FilesMatch>
<FilesMatch "\.(jpg|gif|stuff)$">
Order Deny,Allow
Allow From All
</FilesMatch>
EDIT
For preventing further modifications to htaccess, you need to set filesystem permissions accordingly (aka OS dependent), since you are most likely to give your friend full FTP access (including delete/overwrite/append).

Resources