This question already has answers here:
Allowing only localhost to access a folder where all inclusive php files exist
(5 answers)
Closed 5 years ago.
I have lot's of PHP pages in public_html folder. But I want nobody to open them except me. I don't have any registration or anything else. I just don't want anybody access them. Is this possible? Those pages are for getting reports form database.
I've tried .htaccess but not a useful try.
Just include
Option -Indexes
in .htaccess file and save it.
Then nobody will get access to that. Thanks.
The Apache .htaccess file is meant to rewrite responses by either granting or denying access to users based off the request made.
You can use an .htpasswd file in conjunction with you .htaccess file to selectively grant or deny users access to your resources by requiring authentication via a password.
Related
This question already has answers here:
Block direct access to a file over http but allow php script access
(7 answers)
deny direct access to a folder and file by htaccess
(8 answers)
Closed 5 years ago.
So I have www.mydomain.com
Under that domain I have a directory, lets call it www.mydomain.com/secrets
I have php scripts that access stuff in the /secrets directory (zip files mainly), how could I make all files in that directory still work with the php scripts but if someone went to www.mydomain.com/secrets/file.txt they wouldn't see the file.
Assuming you're using Apache (I haven't seen an installation of PHP with cPanel that doesn't have it, but I might not be so worldly), then .htaccess file in the specific directory is a good bet.
Create a file named .htaccess inside the directory where you want to restrict public access, and give it the following contents:
If on Apache 2.2
Order deny,allow
Deny from all
If on Apache 2.4
Require all denied
This question already has answers here:
How do I disable directory browsing?
(14 answers)
Closed 5 years ago.
I have a web application developed in PHP.
My requirement is to block a folder which contains uploaded documents.
For example, if a user click a document link on the application, it should open
http://localhost:1987/enterprise_resource_planning/uploads/students/documents/1499866795_100_100.pdf
if a user execute below url, it should block
http://localhost:1987/enterprise_resource_planning/uploads/students/documents/
I've tried .htaccess with Deny from all, but it is blocking everything.
Any solution for this senario ?
possible solutions:
place a file index.html or index.php in the directory
define in your httpd.conf Options -Indexes
place that line in .htaccess
personnally I prefer the 2nd line. There hardly ever is use for automatical listing of the files to a browsing visitor.
This question already has answers here:
What is .htaccess file?
(9 answers)
Closed 5 years ago.
I am creating small data entry software using php with ajax code. But I didn't create .htaccess file. I have one doubt. must we create .htaccess file ? why we create .htaccess file. Please suggest.
A .htaccess file is not mandatory.
It has many uses and if there is a specific need, you have to use a .htaccess file. If not, you can ignore it.
For example with .htaccess you can do redirections, you can do authentication with username and password, you can restrict specific directories and many more uses.
In your case, if your needs dont forward you to the use of .htaccess, just dont use one. Although most websites nowadays have at least 1 need that .htaccess covers.
.htaccess is an Apache config file, it works in hierarchical mode, if you load it in a folder, it apply the configuration to all subfolders.
.htaccess is helpful to set timezone, redirect, customize error pages and enable or disable cache.
It is not mandatory however it is recommended its use.
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
Hotlinking my Cascading Style Sheets
This is a bit of a follow up to this question .htaccess don't allow user to view my folder files that don't have index.php which worked perfectly for blocking directory level access, but it still doesn't block direct access if someone knew the url
i.e. domain.com/css/ is forbidden, but domain.com/css/main.css shows the css file
how would i block direct access to that file? it seems like such a standard thing but i can't find anything for it
You can set restrictions like this:
Order Deny, Allow
Deny from all #everyone will not be allowed except the following line
Allow from 127.0.0.1 123.123.123.123 #allowed hosts separated by space
In the .htaccess for the directory, you can write:
Deny from All
This way nobody will be able to access anything in the directory remotely.
This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
Create Subdomains on the fly with .htaccess (PHP)
for one of my scripts, i want it so that each of my clients has their own subdomain
however, i want each subdomain to use the exact same script, and the exact same database
can this be accomplished with HTACCESS?
example: john.mysite.com would take them to my script, setting a username variable as john...so they can be identified in the database...
how can i do this?
You can set the ServerAlias directive in your VirtualHost configuration to *.mysite.com. You can then use mod_rewrite in the .htaccess to append the username to the URL, or use PHP to pull the subdomain off the requested URL, and do whatever you want with it.