Reputation: 435
.htacess deny sub directory access, but maintain the URL (Force 403 ?)
I keep getting close to what I want, but I'm not quite there. Basically, I need to block direct access to a subdirectory, but treat it like a custom error message and not a redirect. I need to maintain the URL so that an index.php file can see the requested filename, and filter site member permissions against it, and then return the file itself. I think, if I can force a 403 error on denied access, then the ErrorDocument would take over. The following .htaccess is in the "files_dir" directory. the ErrorDocuments have already been working for me for a while, but the denied access is giving trouble:
<Files ~ "^/files_dir/protected_dir/.*$">
Order allow,deny
Deny from all
Satisfy All
</Files>
ErrorDocument 404 /files_dir/index.php
ErrorDocument 403 /files_dir/index.php
ErrorDocument 405 /files_dir/index.php
Upvotes: 0
Views: 2407
Answers (2)
Reputation: 16825
Don't get why you want apache to send the 403. You could just do that with php. The only thing you need is to rewrite all urls in the protected dir to index.php.
RewriteRule ^protected_dir/ index.php
then in php
if( !$logged_in )
{
header('HTTP/1.1 403 Forbidden');
echo 'not allowed. etc.';
...
Upvotes: 1
Reputation: 868
I would approach this with a rewrite rule:
RewriteCond %{PATH_INFO} ^/files_dir/protected_dir/ [NC]
RewriteRule .* - [F]
This won't cause a redirect (the URL would stay intact in the browser), but would return 403 Forbidden.
Upvotes: 1
Related Questions
- Deny access to some subdirectories via .htaccess
- Block access to a web subdirectory with .htaccess
- Allow URL access, disallow subdirectory access
- denying access to sub folder by its real name using htaccess
- .htaccess prevent folder access that are subdomains
- deny access to all subdirectories using htaccess
- Block access to files and sub directory with .htaccess?
- Deny access to subdirectories using htaccess
- htaccess directory restriction
- Disable access to a subfolder using .htaccess