CyberHosting

[Tutorial] How to deny access for files with certain extension or folder in OpenLiteSpeed/CyberPanel

edited March 2019 in Tutorials

in apache .htaccess file , we have something like this to deny access for certain files that needs to be protected

<FilesMatch "(?i)((\.ini|\.log|\.txt))">
 Require all denied
</FilesMatch>

but OpenLiteSpeed doesn't read this.

so how do we deny access for files or folders ?

1. deny files with certain ext.

by simply added this code into your .htaccess

RewriteRule ^.*\.(log|ini|txt)$ - [F,L,NC]

so any files with .log , .ini and .txt should be denied from access.

2. deny folder to be accessed.

add following code into the bottom of "vhost main configuration" area, like in screenshots

context /system {
  type                    NULL
  location                /home/$VH_NAME/public_html/system
  allowBrowse             0
  addDefaultCharset       off
}

explain: this context will NOT allow any access to http(s)://domain/system

original posted here by myself , and translated by myself :)

Comments

  • what code for directory listing? i want to display file contents on may site, sample site.com/downloads

  • @kaz050457 said:
    what code for directory listing? i want to display file contents on may site, sample site.com/downloads

    sorry didn't see it in time , have you already figured this out ?

    if not , this should help you

    https://forums.cyberpanel.net/discussion/136/options-followsymlinks-ports-25-465-587#latest

  • Trying RewriteRule ^/.*\.(log|ini|txt)$ - [F,L,NC] but it does not seem to be working, I can still view and download .ini files.
  • try

    ^.*\.(log|ini|txt)$ - [F,L,NC]
  • qtwrk said:

    try

    ^.*\.(log|ini|txt)$ - [F,L,NC]

    Thank you qtwrk.
  • Type your comment> @qtwrk said:
    > in apache .htaccess file , we have something like this to deny access for certain files that needs to be protected
    >
    > <FilesMatch "(?i)((\.ini|\.log|\.txt))"> Require all denied</FilesMatch>
    >
    > but OpenLiteSpeed doesn't read this.
    >
    > so how do we deny access for files or folders ?
    >
    > 1. deny files with certain ext.
    >
    > by simply added this code into your .htaccess
    >
    > RewriteRule ^.*\.(log|ini|txt)$ - [F,L,NC]
    >
    > so any files with .log , .ini and .txt should be denied from access.
    >
    > 2. deny folder to be accessed.
    >
    > add following code into the bottom of "vhost main configuration" area, like in screenshots
    >
    > context /system { type NULL location /home/$VH_NAME/public_html/system allowBrowse 0 addDefaultCharset off}
    >
    > explain: this context will NOT allow any access to http(s)://domain/system
    >
    > original posted here by myself , and translated by myself :)

    This is genius. And how to include certain IP from the global restriction of the folder? Is there an option for that?
  • Have you check this ?

    https://openlitespeed.org/kb/access-control/
  • Yes, and none of these are working. The only thing working is the vHost
Sign In or Register to comment.
CyberPanel Discord

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!