.htaccess Security
Login | Register RSS
02/11/2012 - Apache 

.htaccess Security

Here is a simple .htaccess file for use with Apache, which handles many the basics:

First , it prevents reading of any filenames which begin with ".ht"; such as ".htaccess" & ".htpasswrd".

Second, it removes PUT & DELETE abilities, but allows GET & POST.

Third the GET/POST block specific IP addresses or IP subnets.

You can use something like this as a base, and build upon it for other things.

Order Deny,Allow

<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy all
</Files>

<Limit PUT DELETE>
Deny from all
</Limit>

<Limit GET POST>
Deny from 116.193.8.0/21
Deny from 69.69.69.69
</Limit>


If you like this site or any of its content, please help promote it. Use the social media buttons below to help spread the word. Don't forget to post in the comments section.

  Print   Email
 
Image

Image Gallery