boquear directories and files with . htaccess

Asked

Viewed 39 times

0

I don’t know much about .htaccess and I came across a project where it blocked some images that I climbed into an img folder of the project.

RewriteRule ^(css|js|img)/(.*)$ statics/$1/$2 [L]

But other images in this folder carried normally. The strange thing is that I searched by the name of the images that carried inside the file .htaccess and did not find. So I do not know how he blocked some and others not.

But when removing img of the rule all images started to load.

RewriteRule ^(css|js)/(.*)$ statics/$1/$2 [L]

My doubts are:

  • Why block uploading images to a project?

  • Removing img of the rule, I am exposing the security of my application in some way?

php htaccess

  • This is not blocking loading anything, this is redirecting css, js and img folders to a "virtual" folder (a route) that looks like this http://site/statics/img/image.jpg

  • Hello William, perfect your analysis. That’s exactly it. I searched and located the statics folder in the project and inside there is another img folder to where this redirection is going. Thank you for clarifying!

1 answer

1

It depends on why this, if you do not want the leak of someone’s photo can be useful.

Removing security(img) would not be removing security(from the application), in my view, would only remove privacy.

if you want to make only a few images public, following the same reasoning you can do something like

RewriteRule ^(css|js|img)/((?!private_).*)$ statics/$1/$2 [L]

You can see it working here https://regex101.com/r/bPBN1Q/2
Just take the private_ that regex "corresponds to"

Browser other questions tagged php htaccess

You are not signed in. Login or sign up in order to post.