0
My .htaccess file looks like:
# Prevent .htaccess files from being viewed
<Files ".ht*">
Require all denied
</Files>
# Deny access to files with extensions
<Files ".*\.md">
Require all denied
</Files>
# Allow to get error log
<Files "linked-error.log">
Require all denied
Require ip 10.10.15.1
</Files>
The first two parts is working as expected, I cannot access to those .ht* and .md files.
The last part seems broken, because I can access the file linked-error.log from anywhere. It is a soft link file to today's error log.
My html document directory is like:
-rwxrwxr-x 1 www-data www-data 1029 .htaccess
-rw-r--r-- 1 root root 9809 linked-error.log -> /home/project/log/error.log
-rwxrwxr-x 1 www-data www-data 2762 index.php
I had already restart apache server sudo service apache2 restart.
Update:
If I delete the soft link and copy the file linked-error.log to website root directly, the blocking role still does not work.
Dia
Posted 2019-08-07T06:16:33.643
Reputation: 101
Is
linked-error.login the same directory as.htaccess? Is Apache behind a reverse proxy? Have you checked the logs? – gronostaj – 2019-08-07T06:42:43.263Did you try to turn the rules around? – Seth – 2019-08-07T08:05:14.130