In this article we will tell you the trick for how to disable dot files direct access in website. Dot files are the configuration or settings files for many websites. For an example .env is the configuration file in Laravel Website Framework.
These dot files sometimes is accessible directly from browser. Direct access of these files sometimes breaks the website security because it reveals sensitive configuration of websites.
So, here we will disable all dot files direct access from browser or disable direct http access of dot files. And we will do this with the help of .htaccess file because htaccess file is the website configuration file which allows us to make changes to our website’s configuration without changing server configuration files.
First of all create a .htaccess file in your website or application root folder. For an example, create .htaccess file inside public_html folder.
Then paste the code given below in your .htaccess file.
# Deny access to hidden files - files that start with a dot (.) <FilesMatch "^\."> Order allow,deny Deny from all </FilesMatch>
We can apply this method for any Website Framework or CMS like Laravel, WordPress.
That’s it. We have blocked all the dot files direct access for our website and solved how to disable dot files direct access in website.
If you want more security tips about websites then click here.
How to secure WordPress website
Subscribe Your Email Address to get all Updates in Your Email Box.
Follow us on Facebook, Twitter, Tumblr, LinkedIn.
If your like this article then share this.