cl0udw4lk3r
Reputation: 2733
.htaccess deny all direct file requests except the public files
this is my current ".htaccess" file (placed on my documentroot):
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
My project structure is:
app/ <---- here i have all my php code
public/ <----- css/js/images
.htaccess
index.php <---- starting point
I wish to deny direct access to my app files, like "/app/controller/controllerName.php" (i will handle all my request by using a router instead...), how can i achieve this? Without touching the public folder tree?
Upvotes: 1
Views: 590
Answers (1)
Sasha
Reputation: 118
For your current .htaccess if might make sense to do this:
ErrorDocument 404 index.php?error=404
That allows server to send proper "404" header to the client, and it still gives you control over the response. When you are at it, you might want to create entries for 400, 401, 403 and 500 errors too.
As for denying access to app/ folder, just drop .htaccess in it with this in:
Deny From All
Upvotes: 2
Related Questions
- Deny direct access to all .php files except index.php
- Apache - Deny access to all directories except public
- Prevent direct access to .php files in .htaccess
- Prevention of direct access to folder within public folder using .htaccess not working
- .htaccess: deny direct access to files in specific case
- Prevent direct file access
- .htaccess deny access to just PHP files
- Deny direct access to files using htaccess
- Preventing access to everything but the content of the public folder via htaccess
- Deny direct URL request to files in specific folder