this does not work - I want to limit one folder and one file with one directive to avaoid that I have to add the allowed IP adresses two times.
<Directory .../homes/*/wp-login>
<Files .../homes/*/wp-login.php>
Order deny,allow
deny from all
allow from ...
allow from ...
allow from ...
.
.
.
</Files>
</Directory>
With one directive for the file and another one for the folder it works but then the .htaccess file woul get double size. :-(
Related
I can successfully block access to a file in htaccess with this:
<Files "image1.jpg">
Order Allow,Deny
Deny from all
</Files>
It works for one file, but I want to block access to thousands of files based on a pattern.
So something like this:
<Files "source_*">
Order Allow,Deny
Deny from all
</Files>
Note the * wildcard. If a file name starts with "source_" then it should deny access.
What would that look like in the correct syntax?
The directive you're looking for is FilesMatch. With it, you can use Regex to specify files. Probably something like:
<FilesMatch "source_.(gif|jpe?g|png)$">
# ...
</FilesMatch>
If you want to test your Regular Expression more easily, I'd recommend Regexr
inside my site i have a directory /here/is/the/dir/path
i want to allow access to a single file in a subdirectory
example: test/testfile.xml
but want to deny access to a list of other files (jsp, class, jar, xml )
i have this which i want to place in httpd.conf
<Directory /here/is/the/dir/path >
<FilesMatch "test.xml">
Order Allow,Deny
Allow from All
Deny from None
</FilesMatch>
<FilesMatch "+\.(jsp|class|jar|xml)">
order allow,deny
deny from all
</FilesMatch>
</Directory>
is this the correct way to write this? is there a way to combine my two file match statements into a single statement ?
the stated method has been tested and is working.
I have a folder structure like abc/xyz123/123,abc/asd/123,abc/xyz123/123.
My apcahe runtime(APR) is configured to serve anything inside abc, but I want to restrict it for xyz... folder only and serve else as before.More clearly any folder whose name starts with xyz and it is inside abc folder(which has all permissions).
If you want to not show indexes?
Open tomcat-apache.conf
Add
<Directory "/abc/xyz">
Options -Indexes
</Directory>
This will stop people from going to yoursite.com/abc/xyz and getting a directory structure. They would however be able to access yoursite.com/abc/xyz/image.jpg
If you want to block all access
Add this to the conf file
<Directory "/abc/xyz">
deny from all
</Directory>
<Directory "/abc/xyz/123">
allow from all
</Directory>
http://tomcat.apache.org/tomcat-3.2-doc/tomcat-apache-howto.html - shows more details
I have an .htacces file and I am trying to open up access to a file and folder within a protected folder.
The file is index.php so I do the following:
<Files index.php>
Order Allow,Deny
Allow from All
Satisfy Any
</Files>
This works and give me access to this file. This file requires assets from the assets/ directory. So I try to open that directory up by doing the following:
<Directory "/assets">
Order Allow,Deny
Allow from All
Satisfy Any
</Directory>
But this is giving me a 500 error. Not sure why.
You can't use the <Directory> container inside an htaccess file (which is essentially like the <Directory> container itself). If you want to allow access to assets, then create an htaccess file inassets with just:
Order Allow,Deny
Allow from All
I have a apache machine which is serving a .js file. That file should be the only file that need to seen.
I have configured to do so in my apache like this :
<Location /var/www/test/test.js>
Order allow,deny
Allow from all
</Location>
The site address is test.in which points to test.js file in /var/www/test directory. That is working fine. But I wish when the user tries to hit test.in/someurl (which is not available) or some other url than test.in need to give an message with 401 error.
How do I do that? Thanks in advance.
You misused <Location> - the argument should be URI not the directory path... You should use <Directory> to get the expected behavior.
I would do something like this (you should finetune it, it shows just the principle):
# first deny access to everything
<Location />
Order Deny,Allow
Deny from All
</Location>
# then allow access to specific URL
<Location /test/test.js>
Order Allow,Deny
Allow from All
</Location>
Have a look on Order directive and one or more of following: Location, LocationMatch, Directory, DirectoryMatch, Files, FilesMatch, etc.