Lighttpd deny access to certain files

in Categories lighttpd last updated July 12, 2006
Lighttpd logo

Generally, I update web pages over ssh session. The problem is that vim creates a backup files ended with a diacritical mark (~).

Some other open source software use .inc extensions of php and other include for code. However, lighttpd comes with nifty module called mod_access module which is used to deny access to files with given trailing path names.

Open lighty’s config file:
# vi /etc/lighttpd/lighttpd.conf

Append or add mod_access (if it is not added) :
server.modules += ( "mod_access" )

Next append rule that deny access to files with given trailing path names (~ and .inc):
url.access-deny = ( "~", ".inc" )

Save and close the file. Restart lighttpd:
# /etc/init.d/lighttpd restart

Now if end users try to open .inc or other trailing path names he/she will get error 404.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Share this on (or read 6 comments/add one below):

6 comment

  2. If you want to block access to an entire directory and its sub directories you can do

    $HTTP[“url”] =~ “^/directorynamehere/” {
    url.access-deny = ( “” )
    }

    1. This worked for me :

      $HTTP[“url”] =~ “/.” {
      url.access-deny = ( “” )
      }

  4. This worked for me :

    $HTTP[“url”] =~ “/.” {
    url.access-deny = ( “” )
    }

    Have a question? Post it on our forum!