See Apache mod_access Allow/Deny directives and <FilesMatch> container in Apache core. Or see Apache mod_rewrite -- specifically, the [F] flag used with RewriteRule. Both methods can be used to prevent HTTP access to files.

Jim

I have a text file in my server and it's been continuously modified by a server-side script. What I'd like to do is to prevent any user from accessing it, even if they know the direct URL. Only the server-side scripts should be able to access it.

I seem to recall a previous example (either here or in Forum11) in which a suggestion was made to place a file in a "lone" directory,
then create an htaccess for that "lone" diretory and "denying all".

This would still allow server sdie scripts to server the file.

Unfortunately, I could not find any reference to the example.

Wilderness, that seems to be a good idea. I'll do it if I can't find anything else.

jDMorgan, I tried the folowing with mod_rewrite but it doesn't seem to be working:

RewriteRule ^http://example.com/dir/to/file/file.txt$ - [F]

Any ideas?

Ok I've managed to do it. Using it without the regexp syntax and the full URL worked fine:

RewriteRule file.txt - [F]

Thanks for the help guys.

RewriteRule sees only the localized path to the file, not the full URL. It does not see "http://example.com/", the path to this .htaccess file's directory, or any query strings appended to the URL-path, only the local URL-path:

RewriteRule ^local-path-to-file\.txt$ - [F]

Jim