
Apache configuration: Regex to disable access to files/directories beginning with a dot

I want to disable access to any file OR directory, whose name begins with a DOT. I came up with the following, but it disables access to files/directories beginning with DOT only if they are directly in the Document root.

<Files ~ "^\.|\/\.">
    Order allow,deny
    Deny from all
</Files>

With this,

http://my_server.com/.svn/entries   --> Permission denied
http://my_server.com/abcd/.svn/entries  --> Accessible, should be disabled

What's the proper regex to achieve this?


2 Answers

Your code does not work because <Files> only applies to the basename of the requested document. That is, the part after the last slash. (source: http://httpd.apache.org/docs/current/mod/core.html#files)

Apache blocks .htaccess files in a default installation (better: all files starting with .ht). If you looked closely at the configuration files, you would see something like this:

<FilesMatch "^\.ht">
    Order allow,deny
    Deny from all
</FilesMatch>

So to hide all files starting with a dot, you would use:

<FilesMatch "^\.">
    Order allow,deny
    Deny from all
</FilesMatch>

In order to make it work for directories starting with a dot, use the following (tested) code:

<DirectoryMatch "^\.|\/\.">
    Order allow,deny
    Deny from all
</DirectoryMatch>
Lekensteyn answered Sep 07 '25 18:09


RewriteRule (^\.|/\.) - [F]

This will deny from viewing any files or directories beginning with dot. It affects any level in the paths tree.

[F] modifier at the end says to forbid access (no need for L modifier to say that it is Last rule to apply, it is implied by default).

The regular expression has two parts (any of them allowed to match, not required to be both):

(part1|part2)

The first part matches anything that starts from dot (for the case when you use it in per-directory .htaccess file and there will be no slash at the start of string we are matching on):

^\.

For example, this will work for .test, .git/HEAD but will not work for /.git, path/.hidden.

The second part matches anything that contains a slash followed by a dot. This is useful if you have this rule in VirtualHost or in site-wide Apache configuration, in which case the string we match may begin with a slash.

This rule will match: /.git, some/.hidden
This rule will not match: .git, .hidden

When we combine both of these rules, it seems that we cover all possible cases.

Meglio answered Sep 07 '25 16:09
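
A way to check both answers before deploying them, as an added example that is not code from either answer: the Python sketch below runs the three patterns quoted above against constructed request paths, using the matching subjects the answers describe (basename for FilesMatch, containing directory path for DirectoryMatch, URL path without or with its leading slash for RewriteRule). DOCROOT, the function names and the sample paths are assumptions, and the model is a simplification of Apache's own matching.

```python
import posixpath
import re

# Patterns copied from the two answers on this page.
FILESMATCH = re.compile(r"^\.")           # <FilesMatch "^\.">
DIRECTORYMATCH = re.compile(r"^\.|\/\.")  # <DirectoryMatch "^\.|\/\.">
REWRITE = re.compile(r"(^\.|/\.)")        # RewriteRule (^\.|/\.) - [F]

DOCROOT = "/var/www/html"  # constructed document root (assumption)

def filesmatch_denies(url_path):
    # <Files>/<FilesMatch> test only the basename, the part after the last slash.
    return bool(FILESMATCH.search(posixpath.basename(url_path)))

def directorymatch_denies(url_path):
    # <DirectoryMatch> tests the filesystem path of the containing directory.
    fs_dir = posixpath.dirname(DOCROOT + url_path)
    return bool(DIRECTORYMATCH.search(fs_dir))

def rewrite_denies(url_path, per_directory):
    # In a document-root .htaccess the leading slash is stripped before
    # matching; in VirtualHost/server context the subject keeps it.
    subject = url_path.lstrip("/") if per_directory else url_path
    return bool(REWRITE.search(subject))

def audit(url_paths):
    """Return {path: (answer1_denies, rewrite_htaccess, rewrite_vhost)}."""
    return {
        p: (filesmatch_denies(p) or directorymatch_denies(p),
            rewrite_denies(p, per_directory=True),
            rewrite_denies(p, per_directory=False))
        for p in url_paths
    }

# Constructed request paths; the first two are the ones from the question.
SAMPLE = [
    "/.svn/entries",
    "/abcd/.svn/entries",
    "/abcd/.htpasswd",
    "/index.html",
    "/files/report.v2.pdf",               # dot inside a name: stays reachable
    "/.well-known/acme-challenge/token",  # also denied; exempt it if needed
]

if __name__ == "__main__":
    for path, verdict in audit(SAMPLE).items():
        print(f"{path:40} {verdict}")
```

FilesMatch alone misses `/abcd/.svn/entries` because its basename is `entries`, which is why the first answer pairs it with DirectoryMatch.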


