denying access via .htaccess

Forum Moderators: phranque

Message Too Old, No Replies

denying access via .htaccess

only allow localhost for one file

max4

7:06 am on Jan 4, 2010 (gmt 0)

.htaccess is indistinguishable from magic to me

and I was wondering if someone could help me use .htaccess to deny access to a particular file from everyone except localhost.

jdMorgan

2:46 pm on Jan 4, 2010 (gmt 0)

How does localhost access this resource -- Is it 'included' as a local file into an HTML page or script, or is it requested by the server from itself using HTTP (e.g. using a script library to do a GET using an HTTP transaction)?

If the former, then the file does not need to be HTTP-accessible at all, and a simple unconditional 403 response to *all* HTTP requests for URLs resolving to this filepath will be all that is needed.

Please take a look at our Forum Charter (see link at top of this page) for information on how to get the most from this forum -- We do things a bit differently here.

Thanks,
Jim

max4

6:16 pm on Jan 4, 2010 (gmt 0)

Oh sorry. It is requested by the server from itself using HTTP.

g1smd

1:10 am on Jan 5, 2010 (gmt 0)

Does it need to be accessible via HTTP?

jdMorgan

4:47 pm on Jan 5, 2010 (gmt 0)

A RewriteCond testing %{REMOTE_ADDR} for NOT "localhost-IP" and NOT "my-LAN-IP" followed by a RewriteRule testing for the "path-to-particular-file" and making a null substitution with a 403-Forbidden response code would seem to be in order, then.

Jim