Prevent access to files in a directory using file type and htacess – all about website security

This is a simple example illustrating the use of htaccess to block access of files based upon certain file types.

1. Prevent access of .php files in a directory.

Create a file .htaccess inside the folder/directory where you do not want the .php files to be invoked or called or executed.

Now place the following code in the file you have created.

<Files *.php>
deny from all
</Files>

Save the changes and you’re done.

2. Prevent access of a file

<files readme.html>
   <IfModule mod_authz_core.c>
	Require all denied
   </IfModule>
   <IfModule !mod_authz_core.c>
	Order allow,deny
	Deny from all
   </IfModule>
</files>

In above piece of code “readme” can be any file name and “.html” can be any file extension. This code is better to use if you compare with the one mentioned in the point 1.

3. Hide directory indexing

Options -Indexes

Place this piece of code in your htaccess file to prevent directory indexing of files.

Related Post

Advertisements

Yuvraj has written 39 articles

"Learn & Share" - I believe in this. What about you?