CakePHP site restricting access to some files with .htaccess-Collection of common programming errors
I have following .htaccess file for my CakePHP 2 website.
I put this under webroot folder.
Everyday some bots try to login to my site as a wordpress site. So I need to restrict some file names (wp-login.php) or some directories like Administrator or Cache.
- But when I enter to example.com/wp-login.php I get “Error: An Internal Error Has Occurred.” page of CakePHP exception.
- When I uncomment “directory /administrator” or “directory/cache” every page gives a 403 error.
How can I restrict to that files and folders?
Order allow,Deny
Deny from all
Order allow,deny
Deny from all
#
# Order allow,deny
# Deny from all
#
#
# Order allow,deny
# Deny from all
#
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php [QSA,L]
#set file cache maximum age in seconds
Header set Cache-Control "max-age=518400, public"
Header set Cache-Control "max-age=604800, public"
# gzip files
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file \.(html?|txt|css|js|php|pl)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_include mime ^application/javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
# gzip files
SetOutputFilter DEFLATE
Edit: I changed redirection code to this. Directory problem solved but CakePHP style Interval server error exception is still exists.
Order allow,Deny
Deny from all
Order allow,deny
Deny from all
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
RewriteRule ^/?(administrator|cache|undefined) - [L,F,NC]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php [QSA,L]