$18.18

How to deny access to .htaccess file

Ask a question+
0

Here is my .htaccess file

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>

    RewriteEngine On
    RewriteBase /myproject/
    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ /$1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]
</IfModule>
# Protect the htaccess file
<Files .htaccess>
    Order Allow,Deny
    Deny from all
</Files>

But still this file is accessible

domain.com/.htaccess

add comment

1 Answer

0

Generally dot file treated as secure file and it wont be accessible via url until explicitly rule overrride at server end.

in case, dot file (htaccess or env) file is accessible then simply you can revoke access putting this statement in your htaccess file.

<FilesMatch "^\.">
Order allow,deny
Deny from all
</FilesMatch>
add comment

Your Answer