Allow access to specific file types in a protected directory

by Scott Mitchell

2 Minutes, 0 Seconds to Read

For security reasons, many users like to protect directories from intrusion. This prevents people from injecting php or other malicious code or scripts into the directories. However, locking down a directory entirely may prevent access to specific tile types you do wish people to view, such as images. The instructions below will explain how to lock down a directory from access while still allowing any file of a given type to be accessed by setting up code in your .htaccess file.

How to allow access to certain file types for protected directories via htaccess

  1. Log into your cPanel cPanel dashboard.
  2. From the main cPanel page, use the File Manager to access the root folder of your domain. Be sure you have the Show Hidden Files (dotfiles) option selected as we will be editing the .htaccess file.
  3. Now that you are in the root folder for the directory, find the folder you wish to protect and click it to enter that directory.
  4. Once inside the folder you want to protect, check to see if there is an existing . .htaccess file. If not, you will need to create a new one by clicking the New File button in the upper toolbar and naming it .htaccess (be sure to place the . at the front!). Once you find or create the .htaccess file, open the file for editing.
  5. Now that you are in the editor, we will set the directory to be very secure, denying access for all file types. Below is the code you want to insert into the .htaccess file.Order Allow,Deny
    Deny from all
  6. Since we have now set the security, we now want to allow access to our desired file types. To do that, add the code below to the .htaccess file under the security code you just inserted.<FilesMatch ".(jpg|gif|png)$">
    Order Deny,Allow
        Allow from all
    </FilesMatch>
    The first line of code is the one you will need to modify to add or change the file types you wish to allow. Our example allows image types that end with file extensions jpg, gif, or png) You can replace those or add to them to allow more. Be sure to include the pipe character,|, between the file types.
  7. After you enter the code for the file types you wish to allow access to, click the Save Changes button to activate the code.
Share this Article
Related Articles
How to Create a Local Dev Server with Vagrant
AWStats: View Statistics About Your Website Traffic
MySQL Error 1064: You Have an Error in Your SQL Syntax
MySQL Error 1044 Access Denied
Troubleshooting: Fixing the “localhost Refused to Connect” Error
HTTP Error Codes: What They Mean and How to Fix Them
How to Fix the 504 Gateway Timeout Error
500 Internal Server Error
How To Create a PHP Redirect (301, 302, and Dynamic Redirect Examples)
Connect to SFTP for Shared Hosting Accounts Using FileZilla

Need More Help?

Current Customers

Chat: Chat with Sales
Call: 757-416-6575 x2
Ticket: Submit a Support Ticket

Get Reliable Web Hosting

Chat: Chat with Sales
Email: [email protected]
Call: 757-416-6575 x1

Get web hosting that grows with your business. Our all-in-one hosting platform gives you everything your website needs to scale - so you can focus on the next big thing for you and your business.