Making hidden files 403 unaccessable

[inTempoDK]

Hi,

Playing around with openlitespeed, i found out where to make folders unaccessable in the server config security tab, but where can you set hidden files unaccessable (.****) ?

Thanks

 

[Cold-Egg]

You can use rewrite to block files as well, e.g.

RewriteRule .123.php - [F,L]

 

[inTempoDK]

You can use rewrite to block files as well, e.g.

RewriteRule .123.php - [F,L]

Can i do that default for intire server somewhere in openlitespeed configuratons? or do i have to do individual in every directory using .htaccess or?

 

[inTempoDK]

RewriteRule .* - [F,L]

dont work, then intire site breaks, note that the file name is ".something", not ".something.php" or something like this, all ".something" files should be not accessable.

 

[Cold-Egg]

With ".*", if you have .htaccess file there, it will break the site. So you might want to exclude the file with rewritecond

 

[inTempoDK]

Thanks all, got it working

 

[Cold-Egg]

Do you mind sharing with others?