htaccess <Directory> deny from all
Solution 1
You cannot use the Directory directive in .htaccess. However if you create a .htaccess file in the /system directory and place the following in it, you will get the same result
#place this in /system/.htaccess as you had before
deny from all
Solution 2
You can also use RedirectMatch directive to deny access to a folder.
To deny access to a folder, you can use the following RedirectMatch in htaccess :
RedirectMatch 403 ^/folder/?$
This will forbid an external access to /folder/ eg : http://example.com/folder/ will return a 403 forbidden error.
To deny access to everything inside the folder, You can use this :
RedirectMatch 403 ^/folder/.*$
This will block access to the entire folder eg : http://example.com/folder/anyURI will return a 403 error response to client.
Solution 3
You can use from root directory:
RewriteEngine On
RewriteRule ^(?:system)\b.* /403.html
Or:
RewriteRule ^(?:system)\b.* /403.php # with header('HTTP/1.0 403 Forbidden');
Comments
-
Keverw about 4 years
I've been cleaning up my project lately. I have a main .htaccess in the root directory and 6 others. 5 of them ran
Options -Indexeswhich i didn't see anypoint of allowing any Directory viewing so moved that to the main one. so now i only have 2 .htaccess files. the main and one in/systemwhich holds# Block External Access deny from allSo i wanted to run that on
/systemonly from within the main. So i deleted the one in /system and added# Block External Access <Directory "/system/"> deny from all </Directory>to my main .htaccess file leaving 1!
but now i get a
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, webmaster@localhost and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Apache/2.2.17 (Ubuntu) Server at 10.0.1.5 Port 80
The goal is to block reading any files in /system and it's sub directory's but allow viewing of everything else all from one
.htaccessfile for the whole project. Any ideas on how i can fix this? I did some Google searches but couldn't really come out with anything. -
Keverw over 12 yearsYeah. I had a .htaccess placed in /system before. Was just trying to have only one for the whole project. Guess i can't and will have to do it that way.
-
Accountant م over 7 yearsfor windows users , make sure you make the file name exactly.htaccessby save-as the file from some text editor because windows explorer doesn't allow you to remove file names. it was a problem for me -
jiwopene over 5 yearsYou can create.htaccessfiles and other file starting with dot characted on Windows in file explorer. Simply name it.htaccess., the dot at end disables checking if name starts with dot (it is automatically removed). -
anthony over 5 yearsAdd to ".htaccess" "RewriteRule ^folder/ - [F,L]" Yes you will see a directory redirection ( for the '/' on end) but that redirection then fails. It also seems to remove it from the auto-index list!
-
Amit Verma over 5 years@Anthony This works perfectly fine on all versions of Apache . I had tested it on my local and live server before posting here. Are you sure the server you are using is Apache ? Also make sure to use this code at the top of your htaccess before other rules you may have in your htaccess otherwise the directive will be ignored. -
anthony over 5 yearsYes it is apache... however "RewriteRule ^folder/ - [F,L]" does work fine.
-
anthony over 5 yearsArhhh... The directory URI is NOT on the top level, but after adding the full URI path, it did work fine. HOWEVER I would not want to encode the URL path in a ".htaccess" file if at all possible! Directories move around, and the URI path should NOT be needed in ".htaccess" file.
