deny access with htaccess

Hi all,

I want to deny access to htaccess.txt or another file with txt extension by editing htaccess.txt
Below is the copy of my htaccess.
But it dosent work :(

##
# @version $Id: htaccess.txt 9975 2008-01-30 17:02:11Z ircmaxell $
# @package Joomla
# @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##


#####################################################
#  READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations.  It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file.  If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's.  If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################

##  Can be commented out if causes errors, see notes above.
Options +FollowSymLinks

#
#  mod_rewrite in use

RewriteEngine On



#  Uncomment following line if your webserver's URL
#  is not directly related to physical file paths.
#  Update Your Joomla! Directory (just / for root)

# RewriteBase /


########## Begin - Joomla! core SEF Section
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$  [NC]
RewriteRule (.*) index.php
#RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]

<files htaccess.txt>
  order allow,deny
  deny from all
</files>

#
########## End - Joomla! core SEF Section


########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits
LVL 1
reinhardtdjangoAsked:
Who is Participating?
 
caterham_wwwCommented:
Did you clear your browser cache?
0
 
caterham_wwwCommented:
> by editing htaccess.txt

Did you rename the directive AccessFilename in your httpd.conf? Because the default value of per-directory configuration files is .htaccess and not htaccess.txt
0
 
reinhardtdjangoAuthor Commented:
Ok right, i've done it and added

<Files ~ "^.*\.txt">
Order Allow,Deny
Deny from all
</Files>

to deny access to txt files.

After that it works but not completely.
There are two txt files that this rule is not working for them

When you try to access these two txt files at first attempt you can display the content but then
if you refresh the page you have the forbidden message?

Do you know what can be the reason?
0
 
reinhardtdjangoAuthor Commented:
yes i cleared the browser cache.

what is interesting is that when i write the address of the file to the address bar
the file displays when i refresh i have the message forbidden, if i go to the address bar and press enter again the file displays and if i refresh again i have the message forbidden, this  goes on in a loop.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.