deny direct access to a folder and file by htaccess
I would just move the includes
folder out of the web-root, but if you want to block direct access to the whole includes
folder, you can put a .htaccess
file in that folder that contains just:
deny from all
That way you cannot open any file from that folder, but you can include them in php without any problems.
Deny access to one specific folder in .htaccess
Create site/includes/.htaccess
file and add this line:
Deny from all
Deny direct access to files using htaccess
You are not accessing it "from your PHP page". The web server is either serving a request or it isn't. When you load your "PHP page" in a browser, the browser will then go out and request all the Javascript, CSS and image assets linked to from your page. Each of these will be a separate HTTP request to the web server. The web server has no context that this HTTP request is because the asset is linked to from "your PHP page", that's completely irrelevant to it. You can either get the file from the server using an HTTP request, or you can't. And by setting Deny from all
, you can't.
You'd have to funnel all requests through a PHP file which checks the login information and only serves the file if the user is properly logged in. E.g. link to scripts.php?file=js/myscript.js
and have authentication checking code in scripts.php
.
How can i deny direct access from url to all php file and some html in my server folder using htaccess?
Create/edit the .htaccess file in the directory where the files are located.
For denying all direct access to all files in the directory, add this:
Deny from all
For restricting only a specific file:
<Files "register.html">
Order Allow,Deny
Deny from all
</Files>
For restricting specific file types, you need to edit the .htaccess file in the webroot folder. This rule will deny access to all .php and .html files in myFolder and its subdirectories.:
RewriteRule ^myFolder/.*\.(php|html)$ - [F,L,NC]
More examples on denying access to file types: https://stackoverflow.com/a/20489058/6817376
htaccess prevent direct access to path and override with another
You can place this directive in /blog/.htaccess
to deny all files and folders first:
deny from all
Then inside the folders you want to allow access i.e. blog/css
or blog/js
, create a .htaccess file with this directive:
allow from all
Related Topics
Simple Jquery, PHP and Jsonp Example
How Create an Array from the Output of an Array Printed With Print_R
How to Stop People Hacking the PHP-Based Highscore Table of a Flash Game
How to Find Entry by Object Property from an Array of Objects
PHP Simplexml How to Save the File in a Formatted Way
How to Check If a Date Is in a Given Range
How to Find the Mime Type of a File With PHP
Encrypting/Decrypting File With Mcrypt
How Does Recursiveiteratoriterator Work in PHP
"Cannot Send Session Cache Limiter - Headers Already Sent"
How to Have a 64-Bit Integer in PHP
How to Fix Error: Laravel.Log Could Not Be Opened
Getting Checkbox Values on Submit
Are PHP Include Paths Relative to the File or the Calling Code