Lighttpd deny access to certain files

in Categories lighttpd last updated July 12, 2006
Lighttpd logo

Generally, I update web pages over ssh session. The problem is that vim creates a backup files ended with a diacritical mark (~).

Some other open source software use .inc extensions of php and other include for code. However, lighttpd comes with nifty module called mod_access module which is used to deny access to files with given trailing path names.

Open lighty’s config file:
# vi /etc/lighttpd/lighttpd.conf

Append or add mod_access (if it is not added) :
server.modules += ( "mod_access" )

Next append rule that deny access to files with given trailing path names (~ and .inc):
url.access-deny = ( "~", ".inc" )

Save and close the file. Restart lighttpd:
# /etc/init.d/lighttpd restart

Now if end users try to open .inc or other trailing path names he/she will get error 404.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

Share this on (or read 6 comments/add one below):

6 comment

  1. If you want to block access to an entire directory and its sub directories you can do

    $HTTP[“url”] =~ “^/directorynamehere/” {
    url.access-deny = ( “” )

    1. This worked for me :

      $HTTP[“url”] =~ “/.” {
      url.access-deny = ( “” )

  2. This worked for me :

    $HTTP[“url”] =~ “/.” {
    url.access-deny = ( “” )

    Have a question? Post it on our forum!