0

I'm slowly starting to learn how to use HTACCESS and the code below doesn't work for some reason the options part itself works.

Options +FollowSymlinks
RewriteEngine on

Options ALL -Indexes

So I'm already restricting users from accessing directories but is there any way to restrict them from accessing all files in certain folders directly?

Right now people are restricted from folders /php/ /css/ etc but if they type /css/style.css they will access that file

Higeath
  • 175
  • 1
  • 2
  • 9

1 Answers1

0

Options -Indexes is not used to restrict access per say. It's to prevent listing files in your directory so that they can't access or see all your files in the folder. So if there is no index file it will give a forbidden error.

You need to explicity block access and use other directives. You can use <file> with order, Rewriterule etc.

An example of blocking file types in a directory would be like this. For instance I have an images directory and want to block jpeg, jpg, png and gifs

RewriteEngine On
RewriteCond %{REQUEST_URI} ^/images [NC]
RewriteCond %{REQUEST_URI} \.(jpe?g|png|gif)$ [NC]
RewriteRule .* - [F,L]

Side note, blocking CSS is prevent irrelevant anyway because the browser has to load it to view the page properly. There's no point to do so because you can inspect any element to see the styles on all modern browsers.

Panama Jack
  • 24,158
  • 10
  • 63
  • 95
  • Options -Indexes RewriteEngine On RewriteCond %{REQUEST_URI} ^/administration [NC] RewriteCond %{REQUEST_URI} !\.(php)$ [NC] RewriteRule .* - [F,L] That is what i try to use right now with no luck 'System Internal Error' I want to keep Options -Indexes for the directories – Higeath Mar 12 '15 at 19:43
  • You need to make sure you have mod_rewrite module enabled or you will get an 500 internal error. – Panama Jack Mar 12 '15 at 20:07