How do I block a user who logs in ten times and hogs 10 connections? And how do I disable the ‘IS’ to not access the directory structure? Any help would be appreciated.
Answered By
Akol ben
0 points
N/A
#101115
How to Disable Access of IS to Directory Structure
Â
Try this:
Â
<Directory full-path-to/USERS>
   Order Deny,Allow
   Deny from All
 </Directory>
Â
If you want to block only PHP files from being served directly, then do:
Â
1 – Make sure you know what file extensions the server recognizes as PHP (and don't allow people to override in htaccess). One of my servers is set to:
Â
# Example of existing recognized extensions:
AddType application/x-httpd-php .php .phtml .php3
2 – Based on the extensions add a Regular Expression to FilesMatch (or LocationMatch)
Â
 <Directory full-path-to/USERS>
   <FilesMatch ".(php3?|phtml)$"> Â
     Order Deny,Allow
     Deny from All
   </FilesMatch>
 </Directory>
Or use Location to match php files (I prefer the above files approach)
Â
<LocationMatch "/USERS/.*.(php3?|phtml)$">
   Order Deny,Allow
   Deny from All
</LocationMatch>