Server administration Setting access in .htaccess

Underground Forum

Underground Forum

  • #1

Htaccess settings​

Depending on the location of .htaccess, these settings can be applied to the entire site or a specific folder.

Basic settings​

Restrict access to .htaccess
<Files.htaccess>
order allow,deny
deny from all
</Files>

Close access to a specific file:
<Files file.php>
Order Deny.Allow
Deny from all
</Files>

Close access to a site or folder:
Order Deny,Allow
Deny from all

Deny access for a specific subnet:
allow from all
deny from 193.180.0.0/24

Deny access to specific ip addresses:
Order Deny,Allow
Allow from all
Deny from 193.180.0.1, 193.180.0.2

Open access for specific ip addresses:
Order Deny,Allow
Deny from all
Allow from 193.180.0.1, 193.180.0.2

Setting Authentication​

First you need to create a .htpasswd file with username and password user:password

Set a password for a specific file:
<files file.php=””>
AuthType Basic
AuthName ""
AuthUserFile /home/user/.htpasswd
Require valid-user
</files>

Set up access to the folder with a password:
resides
AuthType basic
AuthName "Password required"
AuthUserFile /home/user/.htpasswd
AuthGroupFile /dev/null
Require valid-user

Optional​

Simple DDOS protection:
LimitRequestBody 10240000

Website protection from bad bots:
<IfModule mod_setenvif.c>
# SetEnvIfNoCase User-Agent ^$ bad_bot
SetEnvIfNoCase User-Agent "^Francis.*" bad_bot
SetEnvIfNoCase User-Agent "^FreeWebMonitoring SiteChecker.*" bad_bot
SetEnvIfNoCase User-Agent "^FreshDownload.*" bad_bot
SetEnvIfNoCase User-Agent "^freshlinks.exe.*" bad_bot
SetEnvIfNoCase User-Agent "^FriendFeedBot.*" bad_bot
<Limit GET POST PUT>
   Order Allow, Deny
   Allow from all
   Deny from env=bad_bot
</Limit>
</IfModule>
 
Top