发表新帖
发表新帖

Prevent access to files in a certain folder

前端 未结
关注
4 1162
有刺的猬
有刺的猬 2021-01-03 23:05

I have a folder with a lot of .php files. I would like to deny access to them (using .htaccess). I know an option is to move this folder outside

相关标签:
4条回答
  • 不思量自难忘°
    2021-01-03 23:29

    Apache 2.4 now uses a different way to do this so the method that works for Apache 2.2 will not work. See below for the method that will work for Apache 2.4. Place this in your Apache .htaccess file or better yet in a <Directory> directive in the Apache .conf file for your site.

    Using .htaccess:

    If using Apache 2.2:

    order deny,allow
deny from all

    If using Apache 2.4 use:

    Require all denied

    Using Apache Configuration files:

    Instead of using a .htaccess file, it is usually preferred to place the configuration directly in your Apache .conf file as follows:

    <Directory "/var/www/mysite">
    Require all denied
</Directory>

    Or if using a virtual host:

    <VirtualHost *:80>
    ### Other configuration here ###
    <Directory "/var/www/mysite">
        Require all denied
    </Directory>
    ### Other configuration here ###
</VirtualHost>

    Of course the above configurations are examples, and you will need to adjust according to your requirements.

    0 讨论(0)
  • 梦毁少年i
    2021-01-03 23:30

    1. Create .htaccess file inside the desired folder with the following contents:

      Deny from all

    2. Edit apache2.conf or httpd.conf, whatever you find in Apache2 directory (probably located in /etc/apache2). You'll need to edit/check the following:

      AllowOverride ALL (in the related <Directory> tag)

      AccessFileName .htaccess

    3. Edit your site's configuration file only in case you have a <Directory> tag specified inside it and add the following line:

      AllowOverride ALL

    4. Restart your Apache2 server

      service apache2 restart

    The above steps are all meant for Linux environments. The same instructions would work well for Windows environments except for the paths and the server restart command.

    Reference: http://www.cyberciti.biz/faq/apache-htaccess/

    0 讨论(0)
  • 囚心锁ツ
    2021-01-03 23:31

    Add this to the .htaccess file:

    order deny,allow
deny from all
    0 讨论(0)
  • 走了就别回头了
    2021-01-03 23:50

    Just add a .htaccess file with the code Deny from all to the folder.

    More info at http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html

    0 讨论(0)
 看不清?
提交回复
热议问题