Using htaccess to make directories inaccessible by anyone but localhost

Question

I'm trying to make it so only loocal scripts on the machine/web server can access /avatars/ example: profile.php?username=Jordan it has to show on that script but if i go to the link directoly it shows error 403 or whatever it needs. i used:

Order Deny,Allow
Deny from all
Allow from 127.0.0.1
ErrorDocument 403 "Error: <br /><h2>You are not allowed to access this directly.</h2>

but it doesnt work, why?

possible duplicate of [htaccess "order" Deny, Allow, Deny](http://stackoverflow.com/questions/9943042/htaccess-order-deny-allow-deny) — Ben, Sep 09 '14 at 05:40

score 0 · Answer 1 · answered Sep 09 '14 at 06:24

0

You need to set:

AllowOverride None

to

AllowOverride All

inside httpd.conf

tested working: enter image description here

answered Sep 09 '14 at 06:24

Teddybugs

1,232
1
12
37

Using htaccess to make directories inaccessible by anyone but localhost

1 Answers1