How do I use .htaccess to block a directory and all subdirectories without RewriteEngine?

Question

So far, I have:

order deny,allow
deny from all
allow from 127.0.0.1/8

This blocks the top directory (not root directory) of the folder I am trying to hide from anyone else except me, but it does not block subdirectories. I still want to have access to the directory, and all the examples I have seen use the Rewrite Engine to completely block access from subdirectories. How do I block the subdirectories as well? This is the opposite of the first suggested question:

How do I make .htaccess work on the current directory and not subdirectories?

score 0 · Answer 1 · answered Nov 18 '12 at 13:24

0

Your quoted config works as you need.

If it does block only the current directory but you're able to access a subdirectory of it - this is how I understand your description - it means, you changed the access rules with some further .htaccess and/or config in httpd.conf i.e. by allow from all

answered Nov 18 '12 at 13:24

Kamil Šrot

2,141
17
19

Your answer was close but not exact. I would vote up your answer if I had enough reputation myself. – NobleUplift Nov 19 '12 at 13:57
@NobleUplift thanks. Do you still have some problems or is it solved already? What was the problem? – Kamil Šrot Nov 19 '12 at 14:48
I made an answer to explain the solution. – NobleUplift Jan 13 '13 at 18:34

score 0 · Accepted Answer · answered Nov 19 '12 at 13:58

At first, I thought the closed beta packages I was testing were overriding my .htaccess file with their own, but they did not override any directory permissions.

At Kamil's suggestion, I looked into my httpd.conf and noticed that AllowOverride was set to None for the root directory of my web server. Setting it to All worked like a charm.

How do I use .htaccess to block a directory and all subdirectories without RewriteEngine?

2 Answers2