Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Deny access to one specific folder in .htaccess

People also ask

How do I restrict access to a folder in Apache?

Just add a . htaccess file with the code Deny from all to the folder.

How do I deny access to htaccess?

Create a . htaccess file in the root of your project directory structure. Then open the . htaccess file and write this directive deny from all.


Create site/includes/.htaccess file and add this line:

Deny from all

You can also deny access to a folder using RedirectMatch

Add the following line to htaccess

RedirectMatch 403 ^/folder/?$

This will return a 403 forbidden error for the folder ie : http://example.com/folder/ but it doest block access to files and folders inside that folder, if you want to block everything inside the folder then just change the regex pattern to ^/folder/.*$ .

Another option is mod-rewrite If url-rewrting-module is enabled you can use something like the following in root/.htaccss :

RewriteEngine on

RewriteRule ^folder/?$ - [F,L]

This will internally map a request for the folder to forbidden error page.


In an .htaccess file you need to use

Deny from  all

Put this in site/includes/.htaccess to make it specific to the includes directory

If you just wish to disallow a listing of directory files you can use

Options -Indexes 

We will set the directory to be very secure, denying access for all file types. Below is the code you want to insert into the .htaccess file.

Order Allow,Deny 
Deny from all 

Since we have now set the security, we now want to allow access to our desired file types. To do that, add the code below to the .htaccess file under the security code you just inserted.

<FilesMatch "\.(jpg|gif|png|php)$">
Order Deny,Allow
   Allow from all
</FilesMatch>

your final .htaccess file will look like

Order Allow,Deny 
Deny from all 

<FilesMatch "\.(jpg|gif|png|php)$">
Order Deny,Allow
   Allow from all
</FilesMatch>

Source from Allow access to specific file types in a protected directory


You can create a .htaccess file for the folder, wich should have denied access with

Deny from  all

or you can redirect to a custom 404 page

Redirect /includes/ 404.html