How to Protect .htaccess file contents?

By default, anyone can view the contents of the .htaccess file. However, this can be a security risk, as it exposes the website configuration details. For security reasons, it is a good idea to prevent visitors from viewing .htaccess files.

To do this, add the following directives to the .htaccess file:

# Prevent Apache from serving .htaccess files:
<FilesMatch "^\.htaccess">
    Order allow,deny
    Deny from all
</FilesMatch>

Now, visitors who try to view the .htaccess file directly receive a “403 Forbidden” error in their web browser.

Was this article helpful?

Yes No

Have more questions? Contact our Support Team

  • 119 users found this useful

    Support