Reputation: 5071
Only Allow $_POST and $_GET and Deny All HTACCESS
I hope I didn't miss any question related to this while scanning the website. So I am completing a small project written in PHP. My core files are in a single directory (includes) where I want to prevent directory listing and user access. Deny from all rule in HTACCESS file (placed in root of concerned directory) works for disabling the direct access but my forms also don't work when I add an HTACCESS file with this code.
Please note that I have some files. Some of these files process the data received via $_POST and $_GET so I want to allow internal server requests on files in protected directories. How can I get these results? Please help.
Upvotes: 1
Views: 2242
Answers (1)
Reputation: 397
This link might help you: http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html
To quote from the top of the page: In general, access restriction directives apply to all access methods (GET, PUT, POST, etc). This is the desired behavior in most cases. However, it is possible to restrict some methods, while leaving other methods unrestricted, by enclosing the directives in a section.
So basically the final answer that will help you is found here: http://httpd.apache.org/docs/2.2/mod/core.html#limit
Hope this helps.
Upvotes: 2
Related Questions
- Only Allow POST Requests and Deny all other REQUEST_METHOD using .htaccess
- How to block post method on some url in htaccess
- Block HTTP POST request
- Htaccess deny specific get parameter
- Restrict POST Request The Server
- .htaccess password auth but allow post request
- .htaccess deny from all BUT server
- Allow Deny rules in htaccess php, apache?
- .htaccess deny all, except?
- PHP htaccess - allow disallow