random_user_name
Reputation: 26160
How To Allow Access to Certain File Types but Deny All Others
While I'm confident this has been asked and answered somewhere, my Google and SO searches have not helped me solve what seems like a fairly easy problem.
The goal:
Deny access to ALL file types except images.
Current .htaccess file:
<Files *.*>
Order Deny,Allow
Deny from all
</Files>
<FilesMatch "\.(jpg|png|gif|jpeg|JPG|PNG|GIF|JPEG)$">
Order Deny,Allow
Allow from all
</FilesMatch>
I still cannot (via the browser) access any image files, with a "403 Forbidden" error.
Questions:
1. How do I make this work properly without rewrite rules?
2. Can I combine Files and FilesMatch rules like this?
3. Are the FilesMatch rules case sensitive?
Upvotes: 1
Views: 2243
Answers (1)
anubhava
Reputation: 785098
You can easily achieve this via mod_rewrite rules:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule !\.(jpe?g|png|gif)$ - [NC,F]
Using FilesMatch you could do this:
Order deny,allow
# first deny all files
<Files *>
deny from all
</Files>
# then allow all image files
<FilesMatch "(?i)\.(jpe?g|png|gif)$">
allow from all
</FilesMatch>
Upvotes: 2
Related Questions
- .htaccess deny access to specific files? more than one
- .htaccess deny access to all except to one file
- How to restrict/forbid access to specific file types such as .js .css inside a .htaccess file?
- Deny access to specific file types in specific directory
- htaccess only match specific file types in root
- .htaccess to restrict access by file type
- Deny access to multiple files in htaccess
- How to deny/restrict access to a particular file type in a LAMP environment?
- php how to allow some in a folder and not allow others in that folder
- Block access to all files except certain file types with .htaccess