.htaccess deny access to subdirectories from a certain domain

th flag

I have a server with a security flaw:

There's the main site (on server /var/www folder) Then there's an additional app (on server /var/www/app/public) that is configured to be on

So the app is also reachable via (i'd like to change that)

I have also the problem that the whole app is saved on the server for the developer. Means also all resource files are stored on a public folder, for example

Now to fix this I thought I'd put a .htaccess into with the following code:

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^example\.com/app$ [NC]
RewriteRule ^(.*)$ [R=301,L]

This would redirect everything with the wrong URL (,,, ...) to

But when testing it, it doesn't work. I've probably messed up the syntax. Not very experienced with .htaccess. Tried for an hour with a .htaccess tester but didn't succeed. Can you (1) tell me what I'm doing wrong with the .htaccess syntax and (2) tell me if this workaround with the .htaccess is more or less safe enough?

us flag
Don't use htaccess files and simply place the configuration directives in the htttpd.conf of the specific virtualhost entry for and/or -
grimnebluna avatar
th flag
thanks for your reply. i've modified the httpd (and httpd-ssl).conf and added `<Directory /var/www/app/> Order Allow,Deny Deny From All </Directory>` inside the <VirtualHost> of the domain It works!
kz flag
`Order` and `Deny` directives are Apache 2.2 and formerly deprectaed. You should be using `Require all denied` on Apache 2.4+ instead.
grimnebluna avatar
th flag
ok, will do. thank you!

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.