Solved

block root and subfolder using single .htaccess with deny/allow

Posted on 2011-09-06
4
1,310 Views
Last Modified: 2013-12-13
Is it possible to restrict access to the root folder and a sub folder using one .htaccess? Using deny/allow?

I have one .htaccess file in the root which has:

order deny,allow
deny from all
allow from 127.0.0.1
allow from 127.0.0.2

This blocks access to the root for all IP addresses other than 127.0.0.1 and 127.0.0.2

However I would also like to block a subfolder but I can't add another .htaccess file to any sub folders but I get internal server error if I have this:

order deny,allow
deny from all
allow from 127.0.0.1
allow from 127.0.0.2

<Directory "/xxxx/xxxx/xxxx/xxxx/domain.tld/images">
Options All
AllowOverride All
Order allow,deny
deny from all
</Directory>

Please advise
0
Comment
Question by:ellandrd
4 Comments
 
LVL 9

Expert Comment

by:parparov
ID: 36492453
What does Apache log say when you try to access that URL?
0
 
LVL 50

Accepted Solution

by:
Steve Bink earned 500 total points
ID: 36517728
You get an error because the <Directory> container can only be used in the server config or <VirtualHost> container.  If you need a per-directory setting in an .htaccess file using Allow/Deny, you need to put that file in the target directory.

Another option is to use mod_rewrite.  The parent's .htaccess file will still be processed in the chain.  Something like this:

RewriteRule ^/?images(/.*)? - [F]

Open in new window

0
 
LVL 77

Expert Comment

by:arnold
ID: 36517820
You need to alter the order of your to allow, deny.
http://www.maxi-pedia.com/Order+allow+deny

If you are blocking/restricting access at the root, what additional restrictions are you placing down the road?

Where are you adding the extended directory?

use apachectl configtest to test the configuration file httpd.conf.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Boost your ability to deliver ambitious and competitive web apps by choosing the right JavaScript framework to best suit your project’s needs.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will get a basic understanding of what section 508 compliance can entail, learn about skip navigation links, alt text, transcripts, and font size controls.

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question