Deny access to multiple .php files with .htaccess?

Question

Deny access to multiple .php files with .htaccess?

I want to deny access to multiple PHP files in the /all/cstl/ .

My .htaccess is also stored in this directory.

This is my current code and it does not work.

 <Files "\ (config.php|function.php|include.php)"> Order allow,deny Deny from all </Files>

I tried to deny the directory and allow certain files, but it refuses the directory and does not allow the requested .php files. My code for this:

 <Directory /> Order deny,allow Deny from all <Directory> <Files "index.php|post.php"> Order deny,allow Deny from all </Files>

Please give me an example of blocking access to several specific files in a directory.

+8

security php .htaccess

Asim mohd Aug 1 '12 at 12:38

source share

1 answer

Ricky cook · Accepted Answer · 2012-08-01T12:52:26+0000

There are several problems with .htaccess that you have.

Since BSen is linked in the comment above, you should use FilesMatch. Also, your regular expression is incorrect.

The problem with regex is that you have escaped space at the beginning, so all files should start with a space character (followed by one of the config.php, function.php files, etc.)

Also, a small explanation of Order allows you to disable the directive: http://www.maxi-pedia.com/Order+allow+deny

Try the following:

 <FilesMatch "config\.php|function\.php|include\.php"> Order allow,deny Deny from all </FilesMatch>

If you want to refuse all but a few files, this will be considered as

 Order deny,allow Deny from all <FilesMatch "index\.php|index\.html"> Allow from all </FilesMatch>

Deny access to multiple .php files with .htaccess?

More articles: