- Joined
- Jun 6, 2012
- Messages
- 890
- Points
- 28
To stop anyone exploit/view your config files from your service by some tools, we can use .htaccess to protect our files by using code:
# to protect config_file.php
# to protect wordpress config file
# to protect the .htaccess file itself:
If you Chmod for a folder is 0777 to upload thumnails so using this code to protect scripts run from its folder and sub-folders
Hope it's useful to people want to protect your files online.
# to protect config_file.php
Code:
<Files config_file.php>
order allow,deny
deny from all
</Files>
Code:
<Files wp-config.php>
order allow,deny
deny from all
</Files>
Code:
<Files .htaccess>
order deny,allow
deny from all
</Files>
Code:
RewriteEngine On
RewriteRule .(php|php3|php4|php5|phps|phtml|shtm|shtml|cgi|pl |pm|asp|cfm|jse|jsp|jar|py|exe|com|bat|dll|pif|scr |reg|inf|htaccess|txt|html|htm)$ - [F]