{"id":5559,"date":"2014-04-01T02:48:16","date_gmt":"2014-04-01T02:48:16","guid":{"rendered":"https:\/\/unknownerror.org\/index.php\/2014\/04\/01\/cakephp-site-restricting-access-to-some-files-with-htaccess-collection-of-common-programming-errors\/"},"modified":"2014-04-01T02:48:16","modified_gmt":"2014-04-01T02:48:16","slug":"cakephp-site-restricting-access-to-some-files-with-htaccess-collection-of-common-programming-errors","status":"publish","type":"post","link":"https:\/\/unknownerror.org\/index.php\/2014\/04\/01\/cakephp-site-restricting-access-to-some-files-with-htaccess-collection-of-common-programming-errors\/","title":{"rendered":"CakePHP site restricting access to some files with .htaccess-Collection of common programming errors"},"content":{"rendered":"<p>I have following .htaccess file for my CakePHP 2 website.<br \/>\nI put this under webroot folder.<\/p>\n<p>Everyday some bots try to login to my site as a wordpress site. So I need to restrict some file names (wp-login.php) or some directories like Administrator or Cache.<\/p>\n<ul>\n<li>But when I enter to <strong>example.com\/wp-login.php<\/strong> I get &#8220;Error: An Internal Error Has Occurred.&#8221; page of CakePHP exception.<\/li>\n<li>When I uncomment &#8220;directory \/administrator&#8221; or &#8220;directory\/cache&#8221; every page gives a 403 error.<\/li>\n<\/ul>\n<p>How can I restrict to that files and folders?<\/p>\n<pre><code>\n Order allow,Deny\n Deny from all\n\n\n\n  Order allow,deny\n  Deny from all\n\n\n#\n#    Order allow,deny\n#    Deny from all\n#\n\n#\n#    Order allow,deny\n#    Deny from all\n#\n\n\n\n    RewriteEngine On\n\n    RewriteCond %{HTTP_HOST} ^www\\.(.*)$ [NC]\n    RewriteRule ^(.*)$ http:\/\/%1\/$1 [R=301,L]\n\n    RewriteCond %{REQUEST_FILENAME} !-d\n    RewriteCond %{REQUEST_FILENAME} !-f\n    RewriteRule ^(.*)$ index.php [QSA,L]\n\n\n#set file cache maximum age in seconds\n\n    \n        Header set Cache-Control \"max-age=518400, public\"\n    \n    \n        Header set Cache-Control \"max-age=604800, public\"\n    \n\n\n\n# gzip files\n\n  mod_gzip_on Yes\n  mod_gzip_dechunk Yes\n  mod_gzip_item_include file \\.(html?|txt|css|js|php|pl)$\n  mod_gzip_item_include handler ^cgi-script$\n  mod_gzip_item_include mime ^text\/.*\n  mod_gzip_item_include mime ^application\/x-javascript.*\n  mod_gzip_item_include mime ^application\/javascript.*\n  mod_gzip_item_exclude mime ^image\/.*\n  mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*\n\n\n# gzip files\n\n  \n    SetOutputFilter DEFLATE\n  \n\n<\/code><\/pre>\n<p>Edit: I changed redirection code to this. Directory problem solved but CakePHP style Interval server error exception is still exists.<\/p>\n<pre><code>\nOrder allow,Deny\nDeny from all\n\n\n\n  Order allow,deny\n  Deny from all\n\n\n\n    RewriteEngine On\n\n    RewriteCond %{HTTP_HOST} ^www\\.(.*)$ [NC]\n    RewriteRule ^(.*)$ http:\/\/%1\/$1 [R=301,L]\n\n    RewriteRule ^\/?(administrator|cache|undefined) - [L,F,NC]\n\n    RewriteCond %{REQUEST_FILENAME} !-d\n    RewriteCond %{REQUEST_FILENAME} !-f\n    RewriteRule ^(.*)$ index.php [QSA,L]\n\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>I have following .htaccess file for my CakePHP 2 website. I put this under webroot folder. Everyday some bots try to login to my site as a wordpress site. So I need to restrict some file names (wp-login.php) or some directories like Administrator or Cache. But when I enter to example.com\/wp-login.php I get &#8220;Error: An [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5559","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/5559","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/comments?post=5559"}],"version-history":[{"count":0,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/5559\/revisions"}],"wp:attachment":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/media?parent=5559"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/categories?post=5559"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/tags?post=5559"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}