Lighttpd deny access to certain files

Author: Vivek Gite Last updated: July 12, 2006 6 comments

Generally, I update web pages over ssh session. The problem is that vim creates a backup files ended with a diacritical mark (~).

Some other open source software use .inc extensions of php and other include for code. However, lighttpd comes with nifty module called mod_access module which is used to deny access to files with given trailing path names.

Open lighty’s config file:
# vi /etc/lighttpd/lighttpd.conf

Append or add mod_access (if it is not added) :
server.modules += ( "mod_access" )

Next append rule that deny access to files with given trailing path names (~ and .inc):
url.access-deny = ( "~", ".inc" )

Save and close the file. Restart lighttpd:
# /etc/init.d/lighttpd restart

Now if end users try to open .inc or other trailing path names he/she will get error 404.


🐧 Please support my work on Patreon or with a donation.
🐧 Get the latest tutorials on Linux, Open Source & DevOps via:
Related Posts
CategoryList of Unix and Linux commands
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
6 comments… add one
  • DECPNQ Oct 30, 2016 @ 18:08

    Just helped me. Thanks a ton.

    Reply Link
  • Nevar May 28, 2010 @ 10:40

    This worked for me :

    $HTTP[“url”] =~ “/.” {
    url.access-deny = ( “” )
    }

    Reply Link
  • Mike Mar 27, 2010 @ 17:39

    How do I deny files starting with a certain expression (e.g. dotfiles) ?

    Reply Link
    • Anonymous May 28, 2010 @ 10:38

      This worked for me :

      $HTTP[“url”] =~ “/.” {
      url.access-deny = ( “” )
      }

      Reply Link
  • Phil Jul 3, 2009 @ 9:14

    If you want to block access to an entire directory and its sub directories you can do

    $HTTP[“url”] =~ “^/directorynamehere/” {
    url.access-deny = ( “” )
    }

    Reply Link
  • jain Jul 24, 2007 @ 10:11

    Hey thanks dude

    this tutorial really helps me a lot.

    Reply Link

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre> for code samples. Problem posting comment? Email me @ webmaster@cyberciti.biz

Next post:

Previous post:

🔎 Search this site

Sign up for my newsletter