6. Order Allow, Deny SCOPE | .htaccess Tutorial
Order Allow, Deny SCOPE
The .htaccess file containing the next directives:
- Allow
- Deny
- Order Allow,Deny
- Order Deny,Allow
- SetEnvIf with Order Allow,Deny
- SetEnvIf with Order Deny,Allow
can be placed inside:
- the public_html directory (aka the web directory, localhost) → the directives apply to the entire server
- a specific directory → the directives apply to that directory and all its subdirectories
- in a subdirectory → the directives apply to that subdirectory and all its subdirectories
Also, you can Allow ⁄ Deny access to specific files regardless of their location, or files located in specific directories.
Order Allow, Deny Examples
1. Allow ⁄Deny access to the entire server (=entire web space)
path: public_html/.htaccess
1 | Deny from all |
Note: depending on your purpose, instead of Deny directive, you can use:
»Allow
»Order Allow,Deny
»Order Deny,Allow
»SetEnvIf with Order Allow,Deny
»SetEnvIf with Order Deny,Allow
2. Allow ⁄Deny access to specific directories
path: public_html/dir1/.htaccess
1 | Deny from all |
3. Allow ⁄Deny access to specific subdirectories
1 | Deny from all |
1 | Deny from all |
1 | Allow from all |
1 | Allow from all |
1 | Deny from all |
1 | Allow from all |
4A. Allow ⁄Deny access to specific files, scope: entire server
DENY ACCESS TO 1 RESOURCE:
1 2 3 | <Files classified.html> |
DENY ACCESS TO MULTIPLE RESOURCES:
1 2 3 | <FilesMatch \.(gif|jpe?g|png)$> |
1 2 3 | <FilesMatch \.html$> |
4B. Allow ⁄Deny access to specific files, scope: specific directories/subdirectories
1 2 3 | <Files classified.html> |
1 2 3 | <Files "classified.html"> |
1 2 3 | <Files "classified.html"> |
1 2 3 | <Files "classified.html"> |
Video demonstration Order Allow, Deny SCOPE
Order Allow, Deny SCOPE Tutorial
min | video details |
---|---|
00:01 | Order Allow Deny directives, SCOPE .htaccess Tutorials |
00:15 | Example 1: deny access to the entire server, except dir1 (subdir1 access also denied) |
00:30 | .htaccess Deny from all path: htdocs, subdir1 Allow from all path: dir1 |
01:27 | Example 2: deny access to a specific subdirectory: subdir1 |
02:06 | Example 3: deny access to classified.html file regardless of its location inside the web space |
02:46 | classified.html access denied, other files e.g. index.html access allowed |
03:05 | Example 4: deny access to all html pages |
For more information about the apache.org
file, please see the spec: