Apache2: How do I restrict access to a directory, but allow access to one file within it?
# No one needs to access this directly
<Directory /var/www/DangerousDirectory/>
Order Deny,allow
Deny from all
</Directory>
# But this file is OK:
<Files /var/www/DangerousDirectory/SafeFile.html>
Order Deny,Allow
Allow from all
</Files>
And if this directory is password-protected, add Satisfy any
too.
There is an answer on StackOverflow that should answer this question, I think there is a missing Order
in the nested Files
directive?
https://stackoverflow.com/questions/6243677/apache-how-to-deny-directory-but-allow-one-file-in-that-dirctory