W3-Video WEB Tutorials

w3-video.com is a Free eLearning Website with over 500 video tutorials on HTML5, XAMPP, .htaccess, Firefox, Notepad++

.htaccess Tutorial

Home HTML5 XAMPP .htaccess Firefox Notepad++


6. Order Allow, Deny SCOPE | .htaccess Tutorial


Share it

Order Allow, Deny SCOPE

The .htaccess file containing the next directives:

can be placed inside:

  1. the public_html directory (aka the web directory, localhost) → the directives apply to the entire server
  2. a specific directory → the directives apply to that directory and all its subdirectories
  3. in a subdirectory → the directives apply to that subdirectory and all its subdirectories

Also, you can AllowDeny access to specific files regardless of their location, or files located in specific directories.

Order Allow, Deny Examples

2. Allow ⁄Deny access to specific directories

Deny access to dir1
path: public_html/dir1/.htaccess
1Deny from all

3. Allow ⁄Deny access to specific subdirectories

1. Deny access to dir1 and its subdirectories: subdir1, subdir2
path: public_html/dir1/.htaccess
1Deny from all
2. Deny access to dir1, allow access to its subdirectories subdir1, subdir2
path: public_html/dir1/.htaccess
1Deny from all

path: public_html/dir1/subdir1/.htaccess
1Allow from all

path: public_html/dir1/subdir2/.htaccess
1Allow from all

3. Deny access to all server except subdir2
path: public_html/.htaccess
1Deny from all

path: public_html/dir1/subdir2/.htaccess
1Allow from all


4A. Allow ⁄Deny access to specific files, scope: entire server

DENY ACCESS TO 1 RESOURCE:

1. Deny access to "classified.html" file regardless of its location inside the web space
e.g.
public_html/classified.html
public_html/folderA/classified.html
public_html/folderx/foldery/folderw/classified.html

path: public_html/.htaccess
1
2
3		<Files classified.html>
  Deny from all
</Files>

DENY ACCESS TO MULTIPLE RESOURCES:

1. Deny access to different types of images located inside the web space
path: public_html/.htaccess
1
2
3		<FilesMatch \.(gif|jpe?g|png)$>
  Deny from all
</FilesMatch>
2. Deny access to all html pages located within the web space
path: public_html/.htaccess
1
2
3		<FilesMatch \.html$>
  Deny from all
</FilesMatch>

4B. Allow ⁄Deny access to specific files, scope: specific directories/subdirectories

1. Deny access to the "classified.html" file located inside /folderw/
path: public_html/folderx/foldery/folderw/.htaccess
1
2
3		<Files classified.html>
  Deny from all
</Files>
2. Deny access to "classified.html" located in root directory, allow access to "classified.html" located elsewhere (web space)
e.g.
public_html/classified.html
public_html/folderA/classified.html
public_html/folderx/foldery/folderw/classified.html

path: public_html/.htaccess
1
2
3		<Files "classified.html">
  Deny from all
</Files>

path: public_html/folderA/.htaccess
1
2
3		<Files "classified.html">
  Allow from all
</Files>

path: public_html/folderx/foldery/folderw/.htaccess
1
2
3		<Files "classified.html">
  Allow from all
</Files>

Video demonstration Order Allow, Deny SCOPE

Order Allow, Deny SCOPE Tutorial

min video details
00:01 Order Allow Deny directives, SCOPE .htaccess Tutorials
00:15 Example 1:
deny access to the entire server, except dir1 (subdir1 access also denied)
00:30 .htaccess
Deny from all
path: htdocs, subdir1

Allow from all
path: dir1
01:27 Example 2:
deny access to a specific subdirectory: subdir1
02:06 Example 3:
deny access to classified.html file regardless of its location inside the web space
02:46 classified.html access denied,
other files e.g. index.html access allowed
03:05 Example 4:
deny access to all html pages

For more information about the htaccess file, please see the spec: apache.org