Reputation: 1290
How can i block direct access of particular directory , files in Apache ?
I'm trying to block direct access of some directory , files with .htaccess in Ubuntu . I know that this question has many possible duplicates, but none of them helped me yet.
My directory structure :
---- /var/www/html
- login.html
- private (folder)
-- content.html
-- css / style1.css , style2.css
-- JS / myscript1.js , myscript.js
Now i want to block direct access of private folder . like
10.0.0.1/private - Block or Password required
10.0.0.1/private/css - Block or Password required
10.0.0.1/private/js - Block or Password required
But i need to access css ,js for login.html . So i want to allow these private folder access for login.html .
like :
10.0.0.1/index.html - Allow
calling content.html via 10.0.0.1/index.html - Allow
request private/css/style1.css via 10.0.0.1/index.html - Allow
request private/css/style2.css via 10.0.0.1/index.html - Allow
request private/JS/myscript1.js via 10.0.0.1/index.html - Allow
request private/JS/myscript2.js via 10.0.0.1/index.html - Allow
I wrote like this to block private folder acess :
<Directory /var/www/html/private/>
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
</Directory>
This is working fine when i access 10.0.0.1/private . But this is making problem when index.html request css , js .
How can i done with apache.conf and .htacess ? How can i write rule ?
Any suggestions ?
Upvotes: 0
Views: 1167
Answers (1)
Reputation: 1802
Create .htaccess file in each folder where you want to allow (eg: private/css/.htaccess)
Reference: http://httpd.apache.org/docs/2.2/mod/core.html#require
Satisfy Any
Order Allow,Deny
Allow from all
Edit:
Removing controls in subdirectories
The following example shows how to use the Satisfy directive to disable access controls in a subdirectory of a protected directory. This technique should be used with caution, because it will also disable any access controls imposed by mod_authz_host.
<Directory /path/to/protected/>
Require user david
</Directory>
<Directory /path/to/protected/unprotected>
# All access controls and authentication are disabled
# in this directory
Satisfy Any
Allow from all
</Directory>
Upvotes: 1
Related Questions
- Prevent access to files in a certain folder
- Prevent direct file access
- Deny direct access to files using htaccess
- .htaccess file. Can I block access to a directory without blocking access to the files within it?
- Block direct access to directory with .htaccess file
- .htaccess to block access to files in another directory without <directory>
- How to restrict access to a file or files using .htaccess?
- Deny direct access to files or directory using .htaccess
- Deny direct URL request to files in specific folder
- How do I stop visitors directly accessing the directories in my website?