Using .htaccess to render files inaccessible

Forum Moderators: phranque

Message Too Old, No Replies

Using .htaccess to render files inaccessible

.htaccess files inaccessible

mattman

10:08 pm on Feb 9, 2005 (gmt 0)

Can someone help me write some code for my .htaccess file?

Here is what I have so far:

RewriteEngine on
RewriteBase /
RewriteRule ^(.*)\.php$ $1. [R=permanent]

This seems to render all php files totally inaccessible. But I have some php files in a folder /login/index.php that I want to work. Is there a way to allow php files in the login folder to work?

Also, it would be cool to set this globally but only allow certain file types to function normally. For example, so that I could set .jpg files to exclusively work. I'm stuck on this although I'm sure it's easy.

Hope all that makes sense, Thanks

Matt :)

jdMorgan

5:10 am on Feb 10, 2005 (gmt 0)

mattman,

Welcome to WebmasterWorld!

Yes, the question is a bit fuzzy... But I'll have a go.

You can accomplish file blocking more effectively using the standard approach:


RewriteRule \.php$ - [F]

This returns a 403-Forbidden response for any request for any file ending in ".php" in the same directory as the .htaccess code, and in any subdirectories of that directory.

If you want to add exclusions, then use RewriteCond:


RewriteCond %{REQUEST_URI} !^/login/index\.php$
RewriteRule \.php$ - [F]

Assuming that "login" is a subdirectory of the directory where this code resides in .htaccess, then all .php files will be blocked except /login/index.php. Note the use of "!" meaning NOT.

Jim

mattman

2:33 pm on Feb 10, 2005 (gmt 0)

Hey Jim, thanks for the welcome :)

Sorry for the fuzzy question. Really appreciate your help. Thats exactly what I needed.

Matt