Knowledgebase

Block file access with htaccess

We are going to see several examples of how to prevent access to files on our server.

For example, if when trying to access http://www.yourdomain.com/.htaccess you do not receive a “Forbidden“, it means that these types of files are not protected from access in your server settings. To fix this, edit (if it already exists) or create an .htaccess file in the root directory of your webspace with the following lines inside:

<Files .htaccess>
Order allow,deny
Deny from all
</Files>


In the same way you can block access to any other file:

<Files secretfile.txt>
Order allow,deny
Deny from all
</Files>

Note: This would affect any file with the name “secretfile.txt” that is on the server.


Additionally, using the FilesMatch directive, you can protect files with certain extensions:

<FilesMatch "\.(htaccess|htpasswd|ini|phps|log|bak|txt)$">
Order Allow,Deny
Deny from all
</FilesMatch>

  • 11 Users Found This Useful
Was this answer helpful?

Related Articles

Prestashop update

Update Prestashop To update Prestashop to the new version, the following steps will be carried...

Viruses on the web. Help!!! What are they and how do we eliminate them?

Lately, cases of websites that are infected by viruses or malicious code, without the webmaster...

How can I manage the domain?

For everything related to the administration of your domain, you must use the CPANEL control...

What is a subdomain?

Subdomains are extensions that we can use with our domain, for example, suppose that our domain...

How to publish my website?

To upload the content of your website to the server you can use any FTP client such as FileZilla,...