Deny access to zip files

#1
Hello everyone,

I have installed Cyberpanel with OpenLiteSpeed to build my digital product store. I am using Wordpress with Easy Digital Download.

This plugin will create a .htaccess file in "/wp-content/uploads/edd/" to be able to deny direct access to files, but it contains some rules that openlitespeed does not support:


Options -Indexes
deny from all
<FilesMatch '\.(jpg|jpeg|png|gif|mp3|ogg)$'>
Order Allow,Deny
Allow from all
</FilesMatch>


I've been trying all day to deny direct access to files. I've created contexts, I've read the documentation, I've tried to do it with rewrite rules ... but I can't. I do not know what to do. Can anybody help me?

Best regards.
 

gilles

Active Member
#2
Rewrite rules won't work as OLS does not support them for file access.
What file extensions are you trying to allow/deny access to?
Do you want to allow access to all jpg|jpeg|png|gif|mp3|ogg files and deny everything else?
 
Last edited:

gilles

Active Member
#4
@Cold-Egg: It would be great if there was an example to show how to allow specific file extensions and deny all others. Using the negative match operator (?!) from Perl extended regular expressions does not seem to work.
 
#5
Hello there,

I have done it! I don't know why it didn't work for me the first time, I think I didn't restart the server xD

I paste the solutions here in case someone needs them in the future. There are two ways to do it:

.htaccess
(If there is more than one .htaccess file, put the rewriterule in the .htaccess of the directory you want to protect. In my case in: "/wp-content/uploads/edd/.htaccess")

RewriteRule ^.*\.(txt|zip)$ - [F,L,NC]


context
(The "type null" is also valid. Paste the context at the bottom of: Cyberpanel > Website > List websites > Choose a web from the list > vHost Config )

context exp:^.*\.zip$ {
type static
location /home/$VH_NAME/public_html/wp-content/uploads/add/
allowBrowse 0
addDefaultCharset off
}


After applying the solution, restart litespeed.

Thank you very much for your help @gilles. What you propose also seems like a good idea to me ("if there was an example to show how to allow specific file extensions and deny all others").

Best regards.
 
Top