1

I have a Wordpress installation on the root of an apache (I.E. on /) and WP wrote this custom .htaccess:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

Now I need to hide a single php script, let's say in /scritps/hello.php, I tried a .htaccess in scripts with:
<files hello.php>
Order allow,deny
Deny from all
</files>

But it gets overriden by WP's .htaccess, and hello.php is shown anyway. ( I know this because moving the scripts directory out of WP to another vhost on my local environment makes it work ).

I want to hide this php file on the live site because it should only be called by cron from the command line, and I can't put the file outside the apache root because that's all I have FTP access to.
And no, I don't have SSH access, someone else's going to set the cron job.

Improve this question
4
  • You might have more luck on the WordPress StackExchange.
    – Teknophilia
    Commented Dec 14, 2011 at 18:24
  • @Teknophilia This is an Apache issue rather than a wordpress issue
    – Paul
    Commented Dec 14, 2011 at 23:06
  • 1
    Is mod_access definitely loaded in apache (the module that processes allow/deny statements), and AllowOverrides +Limit is enabled in httpd.conf, allowing you to change access permissions in .htaccess?
    – Paul
    Commented Dec 14, 2011 at 23:14
  • Yes both are true, as this works if the file and the .htaccess are moved to a different vhost that doesn't have Wordpress but is still under the same Apache
    – Petruza
    Commented Dec 15, 2011 at 20:25

1 Answer 1

Reset to default
0

Correct me if I'm wrong, but wouldn't Order Deny, Allow be correct to hide the file?

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .