htaccess directory listing - .htaccess

I'm trying to list files in one particular directory and with one particular ip. This htaccess file is located in that directory. So far, it seems that the hosting does not allow me to list directories. On localhost i can list everything in that directory, except the IndexIgnore ones, of course. The htaccess file content is:
Options +Indexes
<Limit GET POST>
order deny,allow
deny from all
allow from 1.1.1.1
</Limit>
IndexIgnore tabele_remote.php
IndexIgnore demo.txt
IndexIgnore functions.php
IndexIgnore config.php

It seems that AllowOverride directive is set somewhere previously
Also check there is no IndexIgnore * set on the parent directories or server entirely

change order deny,allow to order allow,deny and give it a try.
Also set AllowOverride all

Related

htaccess <files> directive affecting subdirectories

The directive in htaccess affects subdirectories as well, so:
<files login.php>
order deny,allow
deny from all
Is blocking access to all files named like that regardless of where they are located. Is there a way to make it apply only to the file in the current directory (where .htaccess is located) but not directories below it?
You can use Location instead of Files
<Location "path/folder/file">
Order Allow,Deny
Deny from all
</Location>
You can use mod-rewrite instead of files directive to deny access to a specific file.
RewriteEngine on
RewriteRule ^login\.php$ - [R=403,L]
This will block access to a single URL http://example.com/login.php .
Or you can also use the following one liner mod-alias based blocking:
Redirect 403 /login.php

Why I can't open site for url like site.com although I give access for index.php in .htaccess file?

I have .htaccess file:
Order deny,allow
Deny from all
# deny view files in directory
Options -Indexes
<FilesMatch "index\.php|profile\.php|newgame\.php|game\.php">
Allow from all
</FilesMatch>
It works well, I can open index.php or profile.php for url like site.com/index.php. But I can't open site for url site.com. Why? I give access to index.php. Isn't site.com the same of site.com/index.php. How to change .htaccess file to take into account this situation?
UPDATE
apache2.conf contains:
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
You need to configure apache to recognize index.php as index file.
Add
DirectoryIndex index.php

Htaccess disallow inside directory

i have a directory with .htaccess with deny
deny from all
and inside that directory there is another directory with .htaccess like this:
<Directory "/dir1/dir2">
Options All
AllowOverride All
Order allow,deny
Allow from all
</Directory>
How can i deny the access to second directory with htaccess on first directory?
Thanks for answers.
<Files *>
deny from all
</Files>
did the job :)

Deny access to all files except index file - Apache2

I'm configuring an Apache2 server, but I'm having trouble figuring out how to deny access to all files/directories except the index file.
My website resides inside /var/www/
This is my current setup in the /etc/apache2/apache2.conf file:
<Directory />
Order Deny,Allow
Deny from all
Options None
AllowOverride None
</Directory>
<Directory /var/www/>
Order Allow,Deny
Allow from all
</Directory>
How do I solve my problem? Thanks!
Try adding a <FilesMatch> for index.php. If it doesn't work in this position, move it above the directory's Deny from all. Change index.html to whatever your index file is.
<Directory />
Order Deny,Allow
Deny from all
Options None
AllowOverride None
</Directory>
<Directory /var/www/>
# Deny first, then allow
Order deny,allow
# Deny everyone from everything
Deny from all
<FilesMatch index\.html>
# but allow index.html
Allow from all
</FilesMatch>
</Directory>
I think you're better off simply piping everything to the index file, not denying access to everything else.
This can be done through RewriteRule:
RewriteEngine On
# index goes to index (this is first to prevent infinite loop)
RewriteRule ^/index\.html$ - [L]
# everything else goes to index
RewriteRule .* /index.html [L]

Allow directory listing only for a IP

I've activated directory listing with this line in the .htaccess:
Options +Indexes
How can I limit this to only one IP address with having access to all files/directories for everyone (every IP)?
Not tested:
allow from all
Options -Indexes
<Files *>
deny from all
allow from 195.112.15.4
Options +Indexes
</Files>
This way the Options +Indexes will be valid only for IP 195.112.15.4
I know this is an old thread but as I have just found something that seems to work, I've decided to share it here.
Adding this seems to do the trick:
<Files .>
Order Deny,Allow
Deny From All
Allow From 195.112.15.4
</Files>
This is what I got working for me, this is the .htaccess inside the folder I don't want everyone to be able to list, but if I give them a link to a file inside it, I want anyone (all) to be able to download the link.
allow from all
Options -Indexes
<Files *>
deny from all
allow from all
Options -Indexes
</Files>
<Files .>
Order Deny,Allow
Deny From All
Allow From xx.xx.xx.xx
# put the IP you want to allow indexing for above here
Options +Indexes
</Files>
tested
supposing "index.html" is the one configured as your DirectoryIndex, and XX.XX.XX.XX is your IP address, simple put these lines:
<FilesMatch "index.html">
Order deny,allow
Deny from all
allow from XX.XX.XX.XX
</FilesMatch>

Resources