How to Prevent Access to Your php.ini file or any other risky files by htaccess file

If you run the risk of someone accessing your php.ini  file directly through their browsers, you can limit access to them using htaccess file.

Put following lines in your .htaccess file:

<Files php.ini>
Order allow,deny
Deny from all
</Files>

If you want to prevent the risk access to your other files such as your htacess, htpasswd, ini, phps, fla, psd, log, sh files, you can also put following lines into your htaccess file:

<filesMatch "\.(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$">
 Order Allow,Deny
 Deny from all
</filesMatch>

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.