As the title says, I would like to exclude from apache execution all php files but not some of them that I know to be "legal".
I've tried with [^(file1|file2|file3|...|filen)|(\*)].[(php)|^(\*)] but it seem to match only the last character of the file inside ()
I've also tried with negative lookahead but with no result.
Could someone point me in the right direction?
Edit: Obviously I use Deny from all under that expression
<Files> allows a regex use with ~ operator but <FilesMatch> should be preferred:
<FilesMatch '\.php$'>
Deny from all
</FilesMatch>
<FilesMatch '(file1|file2|file3)\.php$'>
Allow from all
</FilesMatch>
Official Doc says:
Regular expressions can also be used, with the addition of the ~
character. For example:
<Files ~ "\.(gif|jpe?g|png)$">
#... </Files>
would match most common Internet graphics formats. <FilesMatch> is
preferred, however.
Related
Currently we have:
# ----------------------------------------+++++----
<FilesMatch "(?i)(\.tpl|.twig|\.ini|\.log|\.txt)">
Require all denied
</FilesMatch>
But we need to allow robots.txt and ads.txt.
How to achieve that?
Try this:
(?i)(\.tpl|.twig|\.ini|\.log|(?<!robots|ads)\.txt)$
(?<!robots|ads)\.txt not robots or ads followed by .txt.
$ the end of the line/string.
See regex demo
I am using htaccess to deny access to my php-files. Nevertheless I need some of them called from outside, e.g. index.php
I came up with
<Files a_string_a.php>
Order Allow,Deny
Allow from all
</Files>
Works as expected, I can use the file. But I have several files. I want to avoid to write for every files such a block. Is there a chance to explain htaccess that it shall give access to all files that matches
..._string_.....PHP? (containing a unique string no matter what else is in the filename)
I am pretty sure there is a RegExpress for this but I am kinda lost and not sue how to integrate this into htacess - thank you for a tip.
Maybe like this:
<FilesMatch "(index|foo|bar)\.php$">
Order Allow,Deny
Allow from all
</FilesMatch>
And add any file basename with a | (regex or).
See https://httpd.apache.org/docs/2.4/mod/core.html#filesmatch
..._string_.....PHP? (containing a unique string no matter what else is in the filename)
You may be able to use this FilesMatch directive with a regex:
<FilesMatch "(?i)^.*_string_.*\.php$">
Order Allow,Deny
Allow from all
</FilesMatch>
RegEx Details:
(?i): Enable ignore case matching
^: Start
.*: Match 0 or more of any characters
_string_: Match _string_
.*: Match 0 or more of any characters
\.php: Match .php
$: End
I am interested in excluding some documents from being indexed on search engines, so I am using X-Robots-Tag to achieve it. However, I need to have a regular expression which will select documents within a specific direcotory i.e. secret document in my case.
For Example
/dir1/dir2/secret documents/file1.pdf
/dira/dir1/dir2/secret documents/file2.pdf
/dir1a/secret documents/file3.pdf
/dir1a/other documents/file4.pdf
As you can see, there could be any number of directories on left, but the last directory if is "secret documents", i want to disallow it using following code in htaccess.
Regular Expression
RegEx should fit in below
<Files ~ "\.pdf$">
Header set X-Robots-Tag "noindex, nofollow"
</Files>
You can use:
<Files ~ "secret\ documents/.+?\.pdf$">
Header set X-Robots-Tag "noindex, nofollow"
</Files>
<Files ~ "secret\ documents\/.+?\.pdf$">
Header set X-Robots-Tag "noindex, nofollow"
</Files>
Don't forget to escape the forward slash after documents.
In my htaccess, I only allow specific filenames to be accessed, until now.
I need to match a filename like this:
some-364-file-name-12345.htm
or
some-364-file-name-123456.htm
crude attempt of dozens
<FilesMatch "^[a-Z0-9]\d{5}/.htm$">
## but need yada-yada-5 OR 6 digits followed by .htm
Order allow,deny
allow from all
</FilesMatch>
My existing is this:
<FilesMatch "(index.html|robots.txt|sitemap.xml|subscribe.htm)$">
Order allow,deny
allow from all
</FilesMatch>
CAN I ACTUALLY add the solution to my existing line?
So, being very unfamiliar with regex, although I have been trying all day and can't figure this out, how can I allow the pages I have:
some-file-name-312-33-12345.htm
some-33-333-file-name-654321.htm
I just want to match all alpha numeric (also dashes) followed by a 5 or 6 digit number .htm
I need a guru as 6 hours of reading and attempting has brought me here.
Thanks...
Try this regex:
<FilesMatch "\d{5,6}\.html?$">
I wanted to serve .xhtml files as
application/xhtml+xml if the browser says that it accepts it.
text/html otherwise
I tried doing it with mod_rewrite but it didn't work with Options -FollowSymLinks (see Why I do I get 403 Forbidden when viewing files affected by Apache RewriteRule if I have `Options -FollowSymLinks`?).
Then, I tried
<Files "*.xhtml">
<If "%{HTTP:Accept} !~ /application\/xhtml\+xml/">
ForceType text/html
</If>
</Files>
But I get a syntax error: Failed to compile regular expression.
Meanwhile, I use this code...
<Files "*.xhtml">
<If "%{HTTP:Accept} !~ /xhtml\+xml/">
ForceType text/html
</If>
</Files>
... which works, but I want to match the correct MIME type.
You could use an escape code like \x2F instead of the /.
It looks like improving this is still under construction as of Apache 2.4. Apache team member "covener" recommends m#regexp# instead.
So your code would look like this...
<If "%{HTTP:Accept} !~ m#application/xhtml\+xml#">