Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

deny direct access to a folder and file by htaccess

People also ask

How do I restrict access to a folder in Apache?

Just add a . htaccess file with the code Deny from all to the folder.

How do I restrict access to a folder in PHP?

If you want to restrict access to files, you should consider storing them outside the public DocumentRoot and using PHP to deliver the file, applying your own access logic. This means outside the www or public_html folders, depending on the hosting environment you are working with.


I would just move the includes folder out of the web-root, but if you want to block direct access to the whole includes folder, you can put a .htaccess file in that folder that contains just:

deny from all

That way you cannot open any file from that folder, but you can include them in php without any problems.


This is pure mod_rewrite based solution:

RewriteRule ^(includes/|submit\.php) - [F,L,NC]

This will show forbidden error to use if URI contains either /includes/ or /submit.php


It's possible to use a Files directive and disallow access to all files, then use it again to set the files that are accessible:

<Files ~ "^.*">
  Deny from all
</Files>

<Files ~ "^index\.php|css|js|.*\.png|.*\.jpg|.*\.gif">
  Allow from all
</Files>

1 liner mod_alias based solution :

RedirectMatch 403 ^/folder/file.php$

This will show forbidden error for /folder/file.php


If I understand correctly you just want to deny access to the includes folder?

An .htaccess with a 'DENY FROM ALL' directive placed in the includes folder would do the trick.