Difference between revisions of "Apache .htaccess"
(Created page with "{{TOCright}} The Apache Webserver file <code>.htaccess</code> is a powerful tool for managing the access and navigation to your webserver. <br>Unfortunately, the working is no...") |
m (→Prevent PHP-Directory Access) |
||
| Line 8: | Line 8: | ||
<br>But you don't want anyone to have access to that directory except the program/application. | <br>But you don't want anyone to have access to that directory except the program/application. | ||
This snippet prevents the access to the directory file with extension '''''php'''''. | This snippet prevents the access to the directory file with extension '''''php'''''. | ||
| − | <syntaxhighlight lang="bash"> | + | |
| + | <syntaxhighlight lang="bash" line> | ||
## Enable Mod Rewrite, this is only required once in each .htaccess file | ## Enable Mod Rewrite, this is only required once in each .htaccess file | ||
RewriteEngine On | RewriteEngine On | ||
| Line 21: | Line 22: | ||
## Forbid Access | ## Forbid Access | ||
RewriteRule .* - [F,NS,L] | RewriteRule .* - [F,NS,L] | ||
| − | |||
</syntaxhighlight> | </syntaxhighlight> | ||
| + | * Line 01-03: Needs to be set once and enables the RewriteCond and RewriteRule. | ||
| + | * Line 05-06: Tests case insensitive ([NC]=No Case) if the directory is ''../phpinclude'' at the end ($). | ||
| + | * Line 08-09: Tests if the file name has the extension ''.php'' at the end ($). | ||
| + | * Line 11-12: Forbids access to the found file. <br>F: Returns a 403 FORBIDDEN response to the client browser. <br>NS: Causes a rule to be skipped if the current request is an internal sub-request.<br>L: Stop the rewriting process immediately and don't apply any more rules. | ||
== See also == | == See also == | ||
Revision as of 17:39, 1 October 2018
The Apache Webserver file .htaccess is a powerful tool for managing the access and navigation to your webserver.
Unfortunately, the working is not very intuitive and not very simple.
Examples
Prevent PHP-Directory Access
The usage of a special PHP-include directory is a common implementation paradigm.
But you don't want anyone to have access to that directory except the program/application.
This snippet prevents the access to the directory file with extension php.
<syntaxhighlight lang="bash" line>
- Enable Mod Rewrite, this is only required once in each .htaccess file
RewriteEngine On RewriteBase /
- Test for access to the include directory
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /phpinclude/.*$ [NC]
- Test that file requested has php extension
RewriteCond %{REQUEST_FILENAME} ^.+\.php$
- Forbid Access
RewriteRule .* - [F,NS,L] </syntaxhighlight>
- Line 01-03: Needs to be set once and enables the RewriteCond and RewriteRule.
- Line 05-06: Tests case insensitive ([NC]=No Case) if the directory is ../phpinclude at the end ($).
- Line 08-09: Tests if the file name has the extension .php at the end ($).
- Line 11-12: Forbids access to the found file.
F: Returns a 403 FORBIDDEN response to the client browser.
NS: Causes a rule to be skipped if the current request is an internal sub-request.
L: Stop the rewriting process immediately and don't apply any more rules.
