Prevent access to files in a certain folder

前端 未结 4 1162
有刺的猬
有刺的猬 2021-01-03 23:05

I have a folder with a lot of .php files. I would like to deny access to them (using .htaccess). I know an option is to move this folder outside

相关标签:
4条回答
  • 2021-01-03 23:29

    Apache 2.4 now uses a different way to do this so the method that works for Apache 2.2 will not work. See below for the method that will work for Apache 2.4. Place this in your Apache .htaccess file or better yet in a <Directory> directive in the Apache .conf file for your site.

    Using .htaccess:

    If using Apache 2.2:

    order deny,allow
    deny from all
    

    If using Apache 2.4 use:

    Require all denied
    

    Using Apache Configuration files:

    Instead of using a .htaccess file, it is usually preferred to place the configuration directly in your Apache .conf file as follows:

    <Directory "/var/www/mysite">
        Require all denied
    </Directory>
    

    Or if using a virtual host:

    <VirtualHost *:80>
        ### Other configuration here ###
        <Directory "/var/www/mysite">
            Require all denied
        </Directory>
        ### Other configuration here ###
    </VirtualHost>
    

    Of course the above configurations are examples, and you will need to adjust according to your requirements.

    0 讨论(0)
  • 2021-01-03 23:30
    1. Create .htaccess file inside the desired folder with the following contents:

      Deny from all

    2. Edit apache2.conf or httpd.conf, whatever you find in Apache2 directory (probably located in /etc/apache2). You'll need to edit/check the following:

      AllowOverride ALL (in the related <Directory> tag)

      AccessFileName .htaccess

    3. Edit your site's configuration file only in case you have a <Directory> tag specified inside it and add the following line:

      AllowOverride ALL

    4. Restart your Apache2 server

      service apache2 restart

    The above steps are all meant for Linux environments. The same instructions would work well for Windows environments except for the paths and the server restart command.

    Reference: http://www.cyberciti.biz/faq/apache-htaccess/

    0 讨论(0)
  • 2021-01-03 23:31

    Add this to the .htaccess file:

    order deny,allow
    deny from all
    
    0 讨论(0)
  • 2021-01-03 23:50

    Just add a .htaccess file with the code Deny from all to the folder.

    More info at http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html

    0 讨论(0)
提交回复
热议问题