Reputation: 68440
Deny access to a file
If I drop a .ini file inside my site root directory, it will be visible to anyone simply by accessing
http://site.com/file.ini
Can I restrict public access to that file somehow (htaccess maybe?), but still make it accessible by my scripts?
Upvotes: 1
Views: 148
Answers (3)
Reputation: 8930
You could simply move that file or add this to your .htaccess:
<Files ~ "\.(ini)$">
order allow,deny
deny from all
</Files>
Upvotes: 1
Reputation: 253308
The easiest way to achieve this kind of security, if you don't want people to be able to directly access your web-scripts, is to put those files outside of the web-directory/web-root. That way the files within your website can still access the files via the file-paths, but people can't navigate to them with their browsers.
For example: my own private scripts reside in the 'private' folder, which is in the same directory as the /var/www/ directory, and are accessed via: include '../private/script.php';
Upvotes: 1
Related Questions
- How to deny access to a file in .htaccess
- Block access to PHP file using .htaccess
- .htaccess deny access to all except to one file
- Deny access to file in htaccess, on certain conditions
- How do you prevent direct access to a file in Apache?
- deny access of php file from url htaccess
- restrict access on php file from all except one file
- How to deny access to a file using .htaccess?
- Disallow view of specific file on Apache
- Disable access to files