Trying to block some files in the sys directory.

Forum Moderators: phranque

Message Too Old, No Replies

Trying to block some files in the sys directory.

Tried a bunch of ways and i can still access it.

acimag

10:16 pm on Feb 5, 2013 (gmt 0)

Looking to stop people from accessing certain files directly.

I've tried all the ways.... any idea's

<filesMatch ".(inc|file)$">
deny from all
</filesMatch>

IndexIgnore *.inc *.file

<Files *.inc>
Order allow,deny
Deny from all
</Files>

<Files dbc.inc>
Order allow,deny
Deny from all
</Files>
<Files *.file>
Order allow,deny
Deny from all
</Files>

<Files ~ "\.inc$">
Order allow,deny
Deny from all
</Files>

None work. Any Idea's?

wilderness

11:06 pm on Feb 5, 2013 (gmt 0)

Why not create its own directory?
Then create and htaccess for that directory alone, than denying access to "all except specific IP"?

Or

Try moving the file to your CGI directory.

You may also be able to set file permissions in your website file manager.

try 640

0 set public permission to none.

lucy24

12:24 am on Feb 6, 2013 (gmt 0)

Looking to stop people from accessing certain files directly.

We don't often talk about subrequests-- either as Conditions or flags-- in this forum. But it's what you want here.

:: shuffling papers ::

The mod_rewrite (2.2) versions: [httpd.apache.org]

As a RewriteCond
%{IS_SUBREQ}

Will contain the text "true" if the request currently being processed is a sub-request, "false" otherwise. Sub-requests may be generated by modules that need to resolve additional files or URIs in order to complete their tasks.

As a flag:
[NS]

Use of the [NS] flag prevents the rule from being used on subrequests. For example, a page which is included using an SSI (Server Side Include) is a subrequest, and you may want to avoid rewrites happening on those subrequests. Also, when mod_dir tries to find out information about possible directory default files (such as index.html files), this is an internal subrequest, and you often want to avoid rewrites on such subrequests. On subrequests, it is not always useful, and can even cause errors, if the complete set of rules are applied. Use this flag to exclude problematic rules.
...
Images, javascript files, or css files, loaded as part of an HTML page, are not subrequests - the browser requests them as separate HTTP requests.