Deny access to a folder when accessed from certain url

Question

I have the site example.com.

In one of its folders, I have a different site which is accessed through the domain exampleSubSite.com and the folder of the second site is called /exampleSubSiteFolder/.

The access is made via redirect in the .htaccess of the main site:

 RewriteRule ^exampleSubSiteFolder - [L]
 RewriteCond %{HTTP_HOST} ^(www\.)?exampleSubSite\.com$ [NC]
 RewriteRule ^(.*)$ exampleSubSiteFolder/$1 [L]

However, I DO NOT want this folder to be accessible from the URL of the main site:

exampleSite.com/exampleSubSiteFolder/

Can someone, please help me with that? I know the solution is bad as a whole, but this does not depend on me.

Answer 1

This is how I would do it In virtualhost context (only works on 2.4.x):

<Directory /path/to/exampleSubSiteFolder>
    <If "%{HTTP_HOST} == 'exampleSite.com'">
        Require all denied
    </If>
    <Else>
        Require all granted
    </Else>
</Directory>

If you were not the admin and only have access to .htaccess, I would just place inside a .htaccess in the specified directory:

<If "%{HTTP_HOST} == 'exampleSite.com'">
    Require all denied
</If>
<Else>
    Require all granted
</Else>

My recommendation, never use .htaccess if you can admin the site and main conf, virtualhosts,etc.

This is all assuming you have only a single "catch-all" virtualhost of course and/or .htaccess.

If you have a virtualhost for each name (which is what everyone should do), it will be enough with having Require all denied or granted where appropiate in each virtualhost.

Answer 2

To do this, inside the folder named exampleSubSiteFolder create a .htaccess file and add the following inside of it:

Order Allow,Deny
Deny from all

However, if you're using Apache 2.4, then you would use the following instead:

Require all denied

So anyone that tries to access exampleSubSite.com/exampleSubSiteFolder/ would be stopped.