<Files *.php> Deny from All subdirectories

Discussion in 'Site & Server Administration' started by postcd, Apr 12, 2014.

0
  1. #1
    Hello,

    this code in .htaccess disallow executing an .php files in directory and subdirectories
    <Files *.php>
Deny from All
</Files>
    Code (markup):
    But i want to just disallow it in two subfolders or all subfolders without creating .htaccess in them.

    I want to have only 1 htaccess in root. Can i anyhow set path or set this rule to apply only to subdirectories (not on root in which .htaccess is)? thanks
     
    postcd, Apr 12, 2014 IP
  2. PoPSiCLe

    PoPSiCLe Illustrious Member

    Messages:
    4,623
    Likes Received:
    725
    Best Answers:
    152
    Trophy Points:
    470
    #2
    PoPSiCLe, Apr 12, 2014 IP
  3. postcd

    postcd Well-Known Member

    Messages:
    1,043
    Likes Received:
    9
    Best Answers:
    1
    Trophy Points:
    190
    #3
    Sorry for placing in bad section, im still noob in php, apache. If i want to disable php in dir1, dir2, dir3 can i anyhow combine it into one code, not pasting your code 3 times?
     
    postcd, Apr 13, 2014 IP
  4. PoPSiCLe

    PoPSiCLe Illustrious Member

    Messages:
    4,623
    Likes Received:
    725
    Best Answers:
    152
    Trophy Points:
    470
    #4
    <Directory /var/web/*> should in theory work for all subdirectories, but I haven't tested it
     
    PoPSiCLe, Apr 13, 2014 IP
  5. RobinInTexas

    RobinInTexas Active Member

    Messages:
    217
    Likes Received:
    14
    Best Answers:
    2
    Trophy Points:
    65
    #5
    I would try <Directory (/dir1|/dir3)>

    rather than the wildcard which might get more than what is intended.
     
    RobinInTexas, Apr 13, 2014 IP
  6. Mr Lee

    Mr Lee Greenhorn

    Messages:
    27
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    20
    #6
    You can also upload a deny from all .htacess directly into each of the directories you want to block
     
    Mr Lee, Apr 14, 2014 IP
  7. postcd

    postcd Well-Known Member

    Messages:
    1,043
    Likes Received:
    9
    Best Answers:
    1
    Trophy Points:
    190
    #7
    I tried both of your commands and around 10 of its varieties, but thesereturns Error 500 on my side (
     
    postcd, Apr 14, 2014 IP
  8. ez-designs

    ez-designs Well-Known Member

    Messages:
    230
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    105
    #8
    Try:

    RedirectMatch403^.*/sub/folder/index\.php$

    We are simply telling apache that any access to sub/folder/index.php will generate a "403 forbidden" answer.

    You can put that in a httpd.conf or in the root .htaccess.
     
    ez-designs, Apr 14, 2014 IP
  9. deathshadow

    deathshadow Acclaimed Member

    Messages:
    9,732
    Likes Received:
    1,999
    Best Answers:
    253
    Trophy Points:
    515
    #9
    I have a question... WHY don't you want .htaccess in the subfolders? You WANT every folder on the site to waste time parsing .htaccess data that doesn't run or only applies to certain directories?

    Sounds pretty silly to me. Rather than wasting time dicking around with trying to make a single file/single statement, just put it in the directories it's needed (or needs to be undone with allow) and be done with it!

    You're taking something simple and making a right mess of it with that thinking.
     
    deathshadow, Apr 14, 2014 IP
    ryan_uk likes this.
  10. postcd

    postcd Well-Known Member

    Messages:
    1,043
    Likes Received:
    9
    Best Answers:
    1
    Trophy Points:
    190
    #10
    Its possible that no one knows the answer how to do it, because its an ineffective way.. and better to take time to create .htaccess with
    <Files *.php>
    Deny from All
    </Files>

    and duplicate it into all directories instead of having all rules in one file in root
     
    postcd, Apr 15, 2014 IP