.htaccess - configuration file of the Apache web server. It allows you to set a large number of additional parameters and permissions for the web server in individual directories (folders), such as controlling access to directories and files, reassigning file types, specifying encoding, etc., without changing the main configuration file.
When you go to a page that is denied access by .htaccess, the user will see a service page with a 404 error code.
To edit the file we will go to "Files → File Manager"
Let's go to the "public_html" folder.
By default, the ".htaccess" file is hidden. So let's click on "Settings" and check "Show hidden files (dotfiles) ".
Next, select our .htaccess and click "Edit".
In the window that appears, click "Disable encoding check" and the "Edit" button.
After editing the file, click on "Save Changes".
How to block access to the site for everyone
In a command, each word (directive) has a different meaning:
- Order - means order, i.e. order of actions.
- Allow - allows access
- Deny - in contrast, denies access.
To completely deny access to the site, you need to write:
deny from all # Denies access to the site to all IP addresses
# How to deny access to a site to only a certain IP*
To completely deny the site to all but one IP, add
order deny,allow # Defines the order in which the other commands are executed. Right now, allow comes after deny.
deny from all # Denies access to the site to all IP addresses
allow from XXX.XXX.XXX.XXX # Allows access to the specified IP. If there are multiple IPs, separate them with a space.
How to deny access to a site to only a certain IP
To completely deny access to the site for a single IP, add in .htaccess:
deny from XXX.XXX.XXX.XXX # Denies access to a specified IP. If you have multiple IPs, put a space between them.
How to control access to a certain file
If you want different access settings for different files on the site, you can use the command . For example, to close access to file wp-config.php for everyone but you, add in .htaccess:
<Files wp-config.php>
order deny,allow # Defines the order in which the other commands are executed. Right now allow comes after deny.
deny from all # Denies access to the file to all IP addresses
allow from XXX.XXX.XXX.XXX # Allows access to the specified IP. If there are multiple IPs, separate them with a space
</Files>
In the same way, you can block access to the .htaccess itself:
<Files .htaccess>
order deny,allow # Defines the order in which the other commands are executed. Right now allow comes after deny.
deny from all # Denies access to the file to all IP addresses
allow from XXX.XXX.XXX.XXX # Allows access to the specified IP. If there are multiple IPs, separate them with a space.
</Files>