block access to htaccess

If I have multiple htaccess files in root directory and I wish to block access to all htaccess files, do I put below code in all three htaccess files or will putting code in just the one htaccess file at the top of the root directory hierarchy protect the other htaccess files that sit in sub-directories to that top htaccess file?

<Files .htaccess>
      order allow,deny
      deny from all
</Files>
kadinAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dave BaldwinFixer of ProblemsCommented:
That is normally in your 'apache2.conf' or your 'httpd.conf' file on your server to prevent anyone from viewing or downloading your '.htaccess' files.  You shouldn't have to put that in an '.htaccess' file itself.

In addition, this page http://httpd.apache.org/docs/2.2/mod/core.html#accessfilename says that Apache will only read the first '.htaccess' file it find and ignore the others.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tailoreddigitalCommented:
Files starting with a "." on Unix/Linux systems are not publicly visible.    Like Dave just pointed out, you don't have to put that in the htaccess file, they should not be visible by default.
0
kadinAuthor Commented:
I am using a shared server. I have not checked but I assume I do not have access to apache2.conf or httpd.conf.

I have more than one htaccess file for other purposes like mode rewrite and another htaccess to protect a file upload folder. The htaccess must be in that folder and cannot be at the top of the directory where the first htaccess is. Your not trying to say apache will ignore all my htaccess files I think. But rather just the duplicate code in all htaccess files if any. Wright?
0
Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

kadinAuthor Commented:
Thanks Tailor. I read that this would be an added security measure,  that's why I am doing it.
0
Dave BaldwinFixer of ProblemsCommented:
Apache will only open the first '.htaccess' file it finds in each directory in the path.  Each directory that needs it should have only one '.htaccess' file.
0
kadinAuthor Commented:
Great. Thanks for your help Dave.
0
Dave BaldwinFixer of ProblemsCommented:
You're welcome.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Components

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.