<Files *.php> Deny from All subdirectories

Hello,

this code in .htaccess disallow executing an .php files in directory and subdirectories

<Files *.php>
Deny from All
</Files>

Code (markup):

But i want to just disallow it in two subfolders or all subfolders without creating .htaccess in them.

I want to have only 1 htaccess in root. Can i anyhow set path or set this rule to apply only to subdirectories (not on root in which .htaccess is)? thanks

 

You can combine <Directory> and <Files> - akin to this:

<Directory /var/web/dir1>
<Files *.php>
Order allow,deny
Deny from all
</Files>
</Directory>

Code (markup):

Taken from here: http://httpd.apache.org/docs/2.2/sections.html -> it always helps reading the docs. Besides, this has nothing to do in the .php-section of the forum - you want this subforum: https://forums.digitalpoint.com/forums/apache.49/

 

Sorry for placing in bad section, im still noob in php, apache. If i want to disable php in dir1, dir2, dir3 can i anyhow combine it into one code, not pasting your code 3 times?

 

<Directory /var/web/*> should in theory work for all subdirectories, but I haven't tested it

 

I would try <Directory (/dir1|/dir3)>

rather than the wildcard which might get more than what is intended.

 

You can also upload a deny from all .htacess directly into each of the directories you want to block

 

I tried both of your commands and around 10 of its varieties, but thesereturns Error 500 on my side (

 

Try:

RedirectMatch403^.*/sub/folder/index\.php$

We are simply telling apache that any access to sub/folder/index.php will generate a "403 forbidden" answer.

You can put that in a httpd.conf or in the root .htaccess.

 

I have a question... WHY don't you want .htaccess in the subfolders? You WANT every folder on the site to waste time parsing .htaccess data that doesn't run or only applies to certain directories?

Sounds pretty silly to me. Rather than wasting time dicking around with trying to make a single file/single statement, just put it in the directories it's needed (or needs to be undone with allow) and be done with it!

You're taking something simple and making a right mess of it with that thinking.

 

Its possible that no one knows the answer how to do it, because its an ineffective way.. and better to take time to create .htaccess with
<Files *.php>
Deny from All
</Files>

and duplicate it into all directories instead of having all rules in one file in root