0

In my project-name\public\user-note folder there are .txt files that I don't want others to access and I added a .htaccess file with the content:

<filesmatch "\.(ini|psd|log|sh|txt)$">
order allow,deny
deny from all
</filesmatch>

And one more thing is that when I access http://<ip>:8000/.htaccess, it shows all the contents of the .htaccess file in the project-name\public folder

Image does not block .txt file access

.htaccess file images can be viewed by visitors

Hong ck
  • 33
  • 5
  • Your local dev machine security will be necessarily lax. Are you getting these same outcomes on your public server? I ask because this isnt a programming problem but would deal with the webserver setup that may or may not be in your control, if public (e.g. a hosting provider)? – mardubbles Apr 10 '22 at 03:13
  • so... a curious question, did you by any chance.. starts laravel using `php artisan serve`? see [this qa](https://stackoverflow.com/a/44432874). – Bagus Tesa Apr 10 '22 at 13:03
  • https://stackoverflow.com/a/11729748/8577321 this is what you need . duplicated question – hashem sheikhypour Apr 10 '22 at 13:27
  • Does this answer your question? [How to deny access to a file in .htaccess](https://stackoverflow.com/questions/11728976/how-to-deny-access-to-a-file-in-htaccess) – hashem sheikhypour Apr 10 '22 at 13:27

1 Answers1

0
RewriteEngine on

<Files "log.txt">  
  Order Allow,Deny
  Deny from all
</Files>
Ruhunage Deshan
  • 73
  • 1
  • 8