Categories: DevelopmentHosting

Some .htaccess security measures

Secure access to single file by IP

    

  1. 
<Files filename>

    2. 

  2. Order Deny,Allow
    3. 

  3. Deny from All
    4. 

  4. Allow from YourIP
    5. 

  5. 
</Files>

    6.

Secure access to a whole directory of files

    

  1. 
<FilesMatch ".*">

    2. 

  2. Order Deny,Allow
    3. 

  3. Deny from All
    4. 

  4. Allow from YourIP
    5. 

  5. 
</FilesMatch>

    6.

Secure a single file with a Basic Login

    

  1. 
<Files filename>

    2. 

  2.   AuthName "Admin-Section"

    3. 

  3.   AuthType Basic
    4. 

  4.   AuthUserFile .htpasswd
    5. 

  5.   require valid-user
    6. 

  6. 
</Files>

    7.

Secure multiple files and deny access

    

  1. 
<FilesMatch "(.htaccess|.htpasswd|filename.php|readme.html)">

    2. 

  2.   order deny,allow
    3. 

  3.   deny from all
    4. 

  4. 
</FilesMatch>

    5.

Allow only some files to be accessed

    

  1. order deny,allow
    2. 

  2. deny from all
    3. 

  3. 
<files ~ ".(xml|css|jpe?g|png|gif|js)$">

    4. 

  4. allow from all
    5. 

  5. 
</files>

    6.

Prevent directory browsing

    

  1. Options All -Indexes
    2.

Disable hotlinking

    

  1. RewriteEngine on
    2. 

  2. RewriteCond %{HTTP_REFERER} !^$
    3. 

  3. RewriteCond %{HTTP_REFERER} !^http(s)?://(www.)?YourDomain [NC]

    4. 

  4. RewriteRule .(jpg|jpeg|png|gif)$ - [NC,F,L]

    5.

 

 

 

Alex

I am a full-stack developer. I love programming,  design and know my way around server architecture as well.  I would never feel complete, with one of these missing. I have a broad range of interests, that’s why I constantly dive into new technologies and expand my knowledge where ever required. Technologies are evolving fast and I enjoy using the latest. Apart from that, I am a peace loving guy who tries to have people around him that think the same.  I truly believe in the principle: “If you help someone, someone will help you, when you need it."

Leave a Comment
Published by
Alex
10 years ago

Recent Posts

B&B / Hotel Booking Solutions for WordPress | 2024

BOOKING SOLUTIONS 202x This is my take on a subset of booking, appointment, PMS or… Read More

4 weeks ago

WordPress Cron + WP-CLI + Ntfy

THE GOAL Create a system cron for WordPress, that is accessible and can be easily… Read More

2 months ago

2024 is here and now :)

2024, what's cooking? Slowly getting into the 2024 spirit. 3 projects coming to a close… Read More

4 months ago

2023 ends and whats next !

Short look back at 2023 This has been a busy and interesting year. I am… Read More

4 months ago

cubicFUSION Grid Tweaker – Elementor Grid made easy.

Elementor Pro provides grid containers as an experimental feature. The options provided are limited, when… Read More

5 months ago

Archaeology Travel Booth – Travel Innovation Summit 2023

Archaeology Travel is an online travel guide for people who enjoy exploring the world’s pasts.… Read More

6 months ago