1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 3:19 am May 2, 2026

Forum Moderators: phranque

Message Too Old, No Replies

htaccess, allow certain extensions, deny all

         

Jim123

12:27 pm on Sep 1, 2010 (gmt 0)

10+ Year Member



I have been looking online but I can't find what I am looking for.

I have a temp directory that needs to have permission 777. I would like to protect this directory against writing/uploading.

The only files I want to allow are those with the extension .dat and .txt.php (as in tmp.12834930049.txt.php). All the others I want to deny.

Any ideas how?

Thanks

jdMorgan

3:14 pm on Sep 1, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Rewrite all requests for URLs that resolve to this directory to a script, and then use the script to enforce access controls. I assume you've got an "upload" script, so that is where the access control should be implemented.

Since it is the script doing the "reading and writing" of the files in this directory, no HTTP access needs to be allowed to anything except the script itself.

For better security, keep the files and the script in two separate directories.

Jim
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 3:19 am May 2, 2026