Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Laravel Apache hide .env and several security settings via .htaccess
# Disable Directory listing
Options -Indexes
# block files which needs to be hidden // in here specify .example extension of the file
<Files ~ "\.(env|json|config.js|md|gitignore|gitattributes|lock)$">
Order allow,deny
Deny from all
</Files>
# in here specify full file name sperator '|'
<Files ~ "(artisan)$">
Order allow,deny
Deny from all
</Files>
@kunglaw
Copy link

kunglaw commented Sep 5, 2019

this could be saved the .env file from google robots detectiion file ?

Loading

@parzibyte
Copy link

parzibyte commented Mar 21, 2020

this could be saved the .env file from google robots detectiion file ?

Yes, if the robot detects a 403 status it won't index the file, it can't even read it

Loading

@vahidalvandi
Copy link

vahidalvandi commented Jul 19, 2020

<Files *.php>
    Order Deny,Allow
    Deny from all
</Files>

<Files index.php>
    Order Allow,Deny
    Allow from all
</Files>

Loading

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment