0
My .htaccess
file looks like:
# Prevent .htaccess files from being viewed
<Files ".ht*">
Require all denied
</Files>
# Deny access to files with extensions
<Files ".*\.md">
Require all denied
</Files>
# Allow to get error log
<Files "linked-error.log">
Require all denied
Require ip 10.10.15.1
</Files>
The first two parts is working as expected, I cannot access to those .ht*
and .md
files.
The last part seems broken, because I can access the file linked-error.log
from anywhere. It is a soft link file to today's error log.
My html document directory is like:
-rwxrwxr-x 1 www-data www-data 1029 .htaccess
-rw-r--r-- 1 root root 9809 linked-error.log -> /home/project/log/error.log
-rwxrwxr-x 1 www-data www-data 2762 index.php
I had already restart apache server sudo service apache2 restart
.
Update:
If I delete the soft link and copy the file linked-error.log
to website root directly, the blocking role still does not work.
Is
linked-error.log
in the same directory as.htaccess
? Is Apache behind a reverse proxy? Have you checked the logs? – gronostaj – 2019-08-07T06:42:43.263Did you try to turn the rules around? – Seth – 2019-08-07T08:05:14.130