How to Close a Directory With .htaccess for Apache 2.4 and Older Versions

Updated:

If you need to close some directory in .htaccess (we assume overrides are allowed in this directory with AllowOverride), you can use in .htaccess:

<IfModule mod_authz_core.c>
    Require all denied
</IfModule>

<IfModule !mod_authz_core.c>
    Deny from all
</IfModule>
  • Apache 2.4 (with mod_authz_core) → will use Require all denied
  • Apache 2.2 (no mod_authz_core) → will use Deny from all

Why?

In Apache 2.4.0 the directive

Deny from all

has become deprecated (source).

Sergei Korolev
Sergei Korolev
Web developer and the author of all articles on this site. With over 27 years of programming experience, he has specialized in web programming for more than 21 years. He is a Zend Certified Engineer in PHP 5.3 and holds several additional certifications in programming, SEO, web design, UX design, digital marketing, copywriting. You can see his resume here. He is available for remote projects at a rate of $60 USD per hour. You can contact him via this contact form. He currently lives in Belgrade, Serbia.

Leave a Reply

Your email address will not be published. Required fields are marked *

Close