Reputation: 351
Disable direct access to certain files (include)
I'm triyng to blobk access to certain files. I have on my server many files like this
filename_sql.php
Basically i need to disallow user to access directly to sql.php files:
http://url.com/filename_sql.php <<<
I have created an htaccess with this code, but i can access files direcly calling url. What do I wrong?
<Files ~ "\.sql(.php)?$">
Order allow,deny
Deny from all
</Files>
Thanks all.
Upvotes: 3
Views: 180
Answers (2)
Reputation: 109
Your regex expression is matching filenames that end in ".sql.php", but the example filename you listed ends with "_sql.php"
If you remove the first period, it should match requests like "filename_sql.php" (or anything ending with "sql.php"):
<Files ~ "sql(\.php)?$">
Order allow,deny
Deny from all
</Files>
But, an even better method for keeping these files from being directly accessed, would be to move them outside of the root/public directory.
Upvotes: 2
Reputation: 1092
I think this will do the trick
<Files ~ "\.sql(\.php)?$">
Order allow,deny
Deny from all
</Files>
You forgot to put \ before .php.
Upvotes: 0
Related Questions
- How to hinder PHP files to Global Access
- Prevent direct access to a php include file
- Is there a way to blacklist PHP include() or require()'s access to file paths?
- How to deny direct access to website files but allow website files to access each other by include 'file.php'?
- Restricting direct access to php file
- Preventing access to include files
- How can I prevent users from accessing include files?
- How to prevent direct access to files?
- Preventing direct access to php files
- How can I protect my included php files from direct access?