Pink Code
Reputation: 1844
Prevent direct access to .htaccess file
i need to prevent access to .htaccess file. my file is:
# secure htaccess file
<Files .htaccess>
order allow,deny
deny from all
</Files>
# disable directory browsing
Options All -Indexes
when i check URL :
http://localhost/cms/htaccess
I see .htaccess file data
How do i can prevent/deny access to .htaccess file?
Upvotes: 4
Views: 3737
Answers (2)
KesaVan
Reputation: 1031
You can secure access Within an htaccess file itself, the scope of the directive only applies to that directory, See the below code.
To secure the htaccess file.
<Files "log.txt">
Order Allow,Deny
Deny from all
</Files>
In your htaccess file in your local. Also you can use mod_rewrite to sort of handle both cases deny & access to htaccess file as well as log.txt:
RewriteRule /?\.htaccess$ - [F,L]
RewriteRule ^/?inscription/log\.txt$ - [F,L]
Upvotes: 1
anubhava
Reputation: 785866
You're blocking .htaccess but accessing http://localhost/cms/htaccess
Try accessing http://localhost/cms/.htaccess
If you want to block both try this FilesMatch directive with regex:
<FilesMatch "\.?htaccess$">
order allow,deny
deny from all
</FilesMatch>
Upvotes: 5
Related Questions
- deny direct access to a folder and file by htaccess
- How prevent access if the request URL doesn't have string in .htacess
- How to deny access to a url within htaccess
- Prevent direct access to .php files in .htaccess
- Deny access to file in htaccess, on certain conditions
- Prevent direct file access
- Deny direct access to files using htaccess
- Disallow direct access to a file in htaccess?
- .htaccess: prevent access to files and prevent directory browsing
- Block direct access to directory with .htaccess file