Prevent Online Access to Directory

Forum Moderators: phranque

Message Too Old, No Replies

Prevent Online Access to Directory

Using an .htaccess file

itledi

2:49 pm on Dec 8, 2007 (gmt 0)

I'm trying to write an .htaccess file that I can put into a directory that will prevent access to that directory online.

I'm going to put some scripts in there that I'm writing a cron job for, and I don't want someone, even myself, from accidentally opening those files and for them to prematurely run the scripts.

Normally I would create a directory not in the public_html folder, but in this instance, I don't have that option.

jdMorgan

3:34 pm on Dec 8, 2007 (gmt 0)

See Apache mod_access [httpd.apache.org]

Jim

itledi

11:25 pm on Dec 8, 2007 (gmt 0)

Thank you,

I've created an .htaccess file at the root level of my directory that just contains:

order deny,allow
deny from all

With my understanding, this will prevent all requests from files and subdirectories in that folder from the internet, but will not affect the server from running these files.

Thanks.

gergoe

12:19 am on Dec 9, 2007 (gmt 0)

This will indeed deny access to all request (arriving through Apache) to the directory where this htaccess file has been placed. If you put it into the root of your website, then your website will become totally unavailable (so make sure you issue the right copy command :-). Request outside of Apache (file operations in php, asp or executing a php file) will still work, because those are not request to Apache, but simple file system operations.