Reputation: 944
.htaccess deny access to just PHP files
I have a module directory in my project and I want to prevent access to PHP files inside it. Besides I have some css and js files in that directory that should be parsed. I used this code in .htaccess
deny from all
But it made my css and js files not accessible too. How can I prevent access to just PHP files, but not css and js files?
Upvotes: 0
Views: 1871
Answers (2)
Reputation: 3236
I've checked @xbonez code and it gives me the same error.
I'm using this code (tested):
Options -Indexes
RewriteEngine on
RewriteCond %{REQUEST_URI} !\.(css|js)$ [NC]
RewriteRule .+ - [F,L]
Remember to set Options -Indexes so that your folders are not browseable.
Edit:
Notes:
* this code must be put into an .htaccess file and place it inside your desired directory
* %{REQUEST_URI} = the relative url of what you have requested. Example: directory/style.css
* !\.(css|js)$ = every file that doesn't end with css or js
* .+ - [F,L] = forbid the requested url/file
Upvotes: 1
Reputation: 42450
After the deny for all, you can allow access to css and js files with this directive
<FilesMatch "*\.(css|js)$">
Order Allow,Deny
Allow from all
</FilesMatch>
Your final htaccess should look somewhat like this:
Order Deny,Allow
Deny from all
<FilesMatch "*\.(css|js)$">
Order Allow,Deny
Allow from all
</FilesMatch>
Upvotes: 0
Related Questions
- Deny direct access to all .php files except index.php
- Block access to PHP file using .htaccess
- Prevent direct access to .php files in .htaccess
- htaccess deny access to all php files except specific one
- deny access of php file from url htaccess
- .htaccess deny php files from all except index
- Deny access to all PHP files in a directory using .htaccess
- How to forbid HTTP access to PHP files?
- Deny access to .php files apart from the server itself
- .htaccess deny access to folder