
I’m on an Apache2 installation and want to deny access to a specific PHP file with a .htaccess file:

    <Files test.php>
      Require all denied
    </Files>

This does not work. However, denying access to a different file type does work as expected:

    <Files test.html>
      Require all denied
    </Files>

I’ve tried with various file types, all work as expected, except for PHP files. What am I missing here? I’m using php-fpm.

2 Answers


  1. My Test Environment

    Ubuntu 20.04

    Install Apache 2 and PHP

    sudo apt update
    sudo apt upgrade
    sudo apt install apache2
    sudo apt install php libapache2-mod-php php-mysql
    

    Start Apache

    sudo systemctl start apache2
    sudo systemctl enable apache2
    sudo systemctl status apache2
    

    Modify /etc/hosts

    Append demoweb and demoweb.local to the 127.0.0.1 line

    127.0.0.1       localhost demoweb demoweb.local
    

    Test demoweb.local

    ping demoweb.local
    

    Create My Domain – demoweb

    Create Domain Directory

    sudo mkdir -p /var/www/demoweb
    

    Create Domain index.html

    /var/www/demoweb/index.html

    <html>
    <head>
    <title>Welcome to demo.local</title>
    </head>
    <body>
    <h1>Success! The demoweb.local server block is working!</h1>
    </body>
    </html>
    

    Create Domain Config

    /etc/apache2/sites-available/demoweb.conf

    <VirtualHost *:80>
        ServerAdmin webmaster@demoweb
        ServerName demoweb
        ServerAlias demoweb.local
        DocumentRoot /var/www/demoweb
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
    
      <Directory "/var/www/demoweb">
             AllowOverride All
      </Directory>
    
    </VirtualHost>
    

    Very Important

      <Directory "/var/www/demoweb">
             AllowOverride All
      </Directory>
    

    Enable your Domain

    sudo a2ensite demoweb.conf
    sudo systemctl reload apache2
    

    Create your .htaccess

    /var/www/demoweb/.htaccess

    <Files info.php>
      Require all denied
    </Files>
    

    Create Test php

    /var/www/demoweb/info.php

    <?php
    phpinfo();
    ?>
    

    /var/www/demoweb/info2.php

    <?php
    phpinfo();
    ?>
    

    Restart Apache

    sudo systemctl restart apache2
    

    Test 1

    Use Firefox or curl to open http://demoweb.local/info2.php

    Test 2

    Use Firefox or curl to open http://demoweb.local/info.php

    You will get an error:

    403 Forbidden
    
    You don't have permission to access this resource.
    Apache/2.4.41 (Ubuntu) Server at demoweb.local Port 80
    

    IMPORTANT:

    If all tests are OK, delete /var/www/demoweb/info2.php and /var/www/demoweb/info.php

    Summary

    I tested all steps OK on my Ubuntu 20.4

  2. Apache 2 + php-fpm

    My Test Environment

    Ubuntu 20.04

    Install Apache 2 and PHP

    sudo apt update
    sudo apt upgrade -y 
    sudo apt install apache2 -y
    sudo apt install php php-fpm -y
    sudo apt install libapache2-mod-fcgid -y
    

    Enable Necessary Apache Modules

    sudo a2enmod proxy_fcgi setenvif
    

    Configure Apache to Use PHP-FPM

    sudo nano /etc/apache2/sites-available/000-default.conf
    

    Within the <VirtualHost *:80> block, add the following lines:

    <VirtualHost *:80>
        ...
        
        # PHP-FPM Configuration
        <FilesMatch "\.php$">
            SetHandler "proxy:unix:/run/php/php7.4-fpm.sock|fcgi://localhost"
        </FilesMatch>
    
        <Files "info.php">
            Require all denied
        </Files>
        ...
    </VirtualHost>
    

    Note: Be sure to replace php7.4-fpm.sock with the actual socket path for your PHP version. You can check this by looking into the /run/php/ directory.

    Note: No .htaccess; I put it in /etc/apache2/sites-available/000-default.conf

    Restart Apache and PHP-FPM Services

    sudo systemctl restart apache2
    sudo systemctl restart php7.4-fpm
    

    Create Test php

    sudo nano /var/www/html/info.php
    

    Add the following content:

    <?php
    phpinfo();
    ?>
    
    sudo nano /var/www/html/info2.php
    

    Add the following content:

    <?php
    phpinfo();
    ?>
    

    Test 1

    Use Firefox or curl to open http://localhost/info2.php

    Test 2

    Use Firefox or curl to open http://localhost/info.php

    You will get an error:

    403 Forbidden
    
    You don't have permission to access this resource.
    Apache/2.4.41 (Ubuntu) Server at localhost Port 80
    

    IMPORTANT:

    If all tests are OK, delete /var/www/html/info.php and /var/www/html/info2.php

    Summary

    I tested all steps OK on my Ubuntu 20.4

    My test environment always starts with re-copying a cleanly initialized Ubuntu VM.

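The Test 1 / Test 2 checks from both answers, scripted so they can be rerun after every configuration change. This is an added example, not code from either answer: the function names are hypothetical, and the extra check that an allowed .php URL does not return raw `<?php` source (a sign the PHP handler is not running) is an addition of this example.

```shell
#!/usr/bin/env bash
# Added example: scripted version of "Test 1" / "Test 2" from the answers.
# http_status, check_status, check_no_source and verify_deny are
# hypothetical helper names, not part of Apache or curl.

# Print only the HTTP status code for a URL (curl prints 000 if it cannot connect).
http_status() {
    curl -s -o /dev/null -w '%{http_code}' --max-time 5 "$1"
}

# check_status URL EXPECTED: succeeds only when the server answers EXPECTED.
check_status() {
    local url="$1" want="$2" got
    got=$(http_status "$url") || got=000
    if [ "$got" = "$want" ]; then
        echo "PASS $url -> $got"
    else
        echo "FAIL $url -> $got (expected $want)"
        return 1
    fi
}

# check_no_source URL: fails if the body contains a literal "<?php" tag,
# meaning the file was sent as text instead of being run by the PHP handler.
check_no_source() {
    local url="$1"
    if curl -s --max-time 5 "$url" | grep -qF '<?php'; then
        echo "FAIL $url -> raw PHP source in response"
        return 1
    fi
    echo "PASS $url -> no raw PHP source"
}

# verify_deny BASE DENIED ALLOWED: the denied file must give 403, the
# allowed file must give 200 and must not leak its source.
verify_deny() {
    local base="$1" denied="$2" allowed="$3" rc=0
    check_status "$base/$denied" 403 || rc=1
    check_status "$base/$allowed" 200 || rc=1
    check_no_source "$base/$allowed" || rc=1
    return $rc
}

# Usage with the hosts from the answers:
#   verify_deny http://demoweb.local info.php info2.php
#   verify_deny http://localhost     info.php info2.php
```

Run it before deleting the two phpinfo() test files; a 200 on the denied file means the `<Files>` rule is not being applied to that request.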