Question posted in
Some documentation to get you started can be found here.

Apache – Only allow to open files located in a specific folder via URL

I am useing the following folder structure:

    localhost
        server
            php
                docs
                classes
                errors
                ...
        client
            css
            javascript
            ...

All documents which should be opened by the user via url are located in the server/php/docs directory.

localhost/server/docs/index.php
localhost/server/docs/any_other_document_in_this_folder.php

But something like this should not be possible:

localhost/server/classes/language.php   
localhost/server/errors/error404.php  
localhost/client/javascript/buttonhandler.js

How can I forbid the user to open files on this way?

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    I am using now 5 redirects. Maybe it is possible to use not as much.

    RedirectMatch "^/$" "/server/php/docs/index.php"
RedirectMatch "^/(server)/(php)/((?!docs).*)$" "/server/php/docs/index.php"
RedirectMatch "^/(client).*$" "/server/php/docs/index.php"
RedirectMatch "^/(server|client)/$" "/server/php/docs/index.php"
RedirectMatch "^/(server)/((?!php).*)$" "/server/php/docs/index.php"

  2. 0

    My posted solution does not work. Every url used in documents in the directory

    server/php/docs

    is redirected. Also stuff like

    <script type="text/javascript" src="../../../client/vendor/jquery-3.3.1.min.js"></script>

    So my question is: is it possible (and how) that the user is not able to open URLs as I posted at the very beginning? I would prefer that in this case the user is redirected to 

    localhost/server/php/docs/index.php
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search