millebii
Reputation: 1287
How to prevent access to all but ONE file with htaccess
I'm trying to prevent access to all files but ONE using .htaccess, in this way but it does not work.
<Files accessibleFile.php>
allow from all
</Files>
<Filesmatch "^((?!accessibleFile\.php).)*$">
AuthUserFile .htpasswd
AuthGroupFile /dev/null
AuthName "Restricted Access"
AuthType Basic
</Filesmatch>
<Limit GET POST>
require valid-user
</Limit>
Any one can help? Added: I still want to have logged access to the other files.
Upvotes: 1
Views: 2318
Answers (3)
Frank N
Reputation: 10386
Here you go (Apache 2.2, minor modification on the Allow+Satisfy needed for Apache 2.4+):
AuthType Basic
AuthGroupFile /dev/null
AuthName "please log in"
AuthUserFile /is/htdocs/foo/.htpasswd
require user Mike
<FilesMatch "(admin-ajax.php|info.jpg)">
Allow from all
Satisfy any
</FilesMatch>
Upvotes: 0
Linus Kleen
Reputation: 34622
This is enough:
Deny from all
<Files "allowed.php">
Allow from all
</Files>
Also note that your <Limit GET POST> directive makes your site vulnerable to HTTP Verb Tampering.
Upvotes: 3
Tobias
Reputation: 7380
Put the file in a seperate folder and secure this folder using .htaccess and .htpasswd
Upvotes: 1
Related Questions
- Htaccess - restrict access to file but only in present directory
- How to deny access to a file in .htaccess
- .htaccess deny access to all except to one file
- Prevent access to files in a certain folder
- Deny access to file in htaccess, on certain conditions
- Deny access to files in folder - allow acces from one file
- .htaccess: deny direct access to files in specific case
- allow access to only one php file with htaccess
- Allow accessing a file only from specific URL in HTACCESS
- restrict access on php file from all except one file