How to Disable Access of IS to Directory Structure

Asked By lewis alberto 10 points N/A Posted on - 01/20/2012

How do I block a user who logs in ten times and hogs 10 connections? And how do I disable the ‘IS’ to not access the directory structure? Any help would be appreciated.

• Status: Open
• Question Views: 795
• Answer Count: 1
• Vote Up 0 Vote Down

• Answer Accepted: No
• Question Category: Misc Security

Answered By Akol ben 0 points N/A #101115

How to Disable Access of IS to Directory Structure

 

Try this:

 

<Directory full-path-to/USERS>

     Order Deny,Allow

     Deny from All

 </Directory>

 

If you want to block only PHP files from being served directly, then do:

 

1 – Make sure you know what file extensions the server recognizes as PHP (and don't allow people to override in htaccess). One of my servers is set to:

 

# Example of existing recognized extensions:

AddType application/x-httpd-php .php .phtml .php3

2 – Based on the extensions add a Regular Expression to FilesMatch (or LocationMatch)

 

 <Directory full-path-to/USERS>

     <FilesMatch ".(php3?|phtml)$">  

         Order Deny,Allow

         Deny from All

     </FilesMatch>

 </Directory>

Or use Location to match php files (I prefer the above files approach)

 

<LocationMatch "/USERS/.*.(php3?|phtml)$">

     Order Deny,Allow

     Deny from All

</LocationMatch>

About Akol ben

Questions
1

Answers
9

Best Answers
1

• Vote Up 0 Vote Down

• Posted on - 01/20/2012
• Question Category: Misc Security