Deny Direct Access to a Folder and File by Htaccess

deny direct access to a folder and file by htaccess

I would just move the includes folder out of the web-root, but if you want to block direct access to the whole includes folder, you can put a .htaccess file in that folder that contains just:

deny from all

That way you cannot open any file from that folder, but you can include them in php without any problems.

Deny access to one specific folder in .htaccess

Create site/includes/.htaccess file and add this line:

Deny from all

Deny direct access to files using htaccess

You are not accessing it "from your PHP page". The web server is either serving a request or it isn't. When you load your "PHP page" in a browser, the browser will then go out and request all the Javascript, CSS and image assets linked to from your page. Each of these will be a separate HTTP request to the web server. The web server has no context that this HTTP request is because the asset is linked to from "your PHP page", that's completely irrelevant to it. You can either get the file from the server using an HTTP request, or you can't. And by setting Deny from all, you can't.

You'd have to funnel all requests through a PHP file which checks the login information and only serves the file if the user is properly logged in. E.g. link to scripts.php?file=js/myscript.js and have authentication checking code in scripts.php.

How can i deny direct access from url to all php file and some html in my server folder using htaccess?

Create/edit the .htaccess file in the directory where the files are located.

For denying all direct access to all files in the directory, add this:

Deny from all

For restricting only a specific file:

<Files "register.html">
Order Allow,Deny
Deny from all
</Files>

For restricting specific file types, you need to edit the .htaccess file in the webroot folder. This rule will deny access to all .php and .html files in myFolder and its subdirectories.:

RewriteRule ^myFolder/.*\.(php|html)$ - [F,L,NC]

More examples on denying access to file types: https://stackoverflow.com/a/20489058/6817376

htaccess prevent direct access to path and override with another

You can place this directive in /blog/.htaccess to deny all files and folders first:

deny from all

Then inside the folders you want to allow access i.e. blog/css or blog/js, create a .htaccess file with this directive:

allow from all

Related Topics

Simple Jquery, PHP and Jsonp Example

How Create an Array from the Output of an Array Printed With Print_R

How to Stop People Hacking the PHP-Based Highscore Table of a Flash Game

How to Find Entry by Object Property from an Array of Objects

PHP Simplexml How to Save the File in a Formatted Way

How to Check If a Date Is in a Given Range

PHP Curl and Cookies

How to Find the Mime Type of a File With PHP

Encrypting/Decrypting File With Mcrypt

How Does Recursiveiteratoriterator Work in PHP

"Cannot Send Session Cache Limiter - Headers Already Sent"

How to Have a 64-Bit Integer in PHP

How to Fix Error: Laravel.Log Could Not Be Opened

Getting Checkbox Values on Submit

Connection Pooling in PHP

Are PHP Include Paths Relative to the File or the Calling Code

How to Turn Off Magic Quotes on Shared Hosting

PHP: How to Handle ≪![Cdata[ With Simplexmlelement


Leave a reply



Submit