Menu
I'm attempting to deny access to anyone surfing for PHP files in a specific directory:
example.com/inc/
I've created an example.com/inc/.htaccess file with the contents:
Order deny,allow
Deny from all
This results in a 403 Forbidden response when I try to access one of the files. For example: example.com/inc/file.php
The problem is, my web server is also denied access and my application stops working.
How can I deny access to people surfing for such PHP files but allow my shared web server access?
Note: I'm using GoDaddy shared hosting.
873
By default, PHP does not restrict which files and directories your PHP scripts can access. To restrict the directories that can be accessed, you can use PHP's open_basedir setting.
You just need to add a few commands to . htaccess to make it happen. For example, deny from all is a command that will allow you to apply access restrictions to your site.
htaccess using PHP's built-in webserver (it is not relying on apache, it is implemented entirely in PHP's core).
htaccess file is placed in a directory which in turn loaded via the Apache web server, then the . htaccess file detected and executed by the Apache server software.
I would would just use a rule and block the access that is entered by the user. This will block any php file that is entered.
RewriteEngine On
RewriteRule ^.*\.php$ - [F,L,NC]
Edit based on your comment. Try this way.
<Files (file|class)\.php>
order allow,deny
deny from all
allow from 127.0.0.1
allow from 192.168.0.1
</Files>
Replace 192.168.0.1 with your server IP address.
69
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
