I'm on an apache2 installation and want to deny access to a specific php file with a .htaccess file
<Files test.php>
Require all denied
</Files>
Which does not work. However, denying access to a different file type does work as expected
<Files test.html>
Require all denied
</Files>
I've tried with various file types, all work as expected, except for php files. What do I miss here? I'm using php-fpm.
Solution
Got it working now, the solution from @life888888 down below guided me to the right direction. The main issue was, that there's an entry in my site config, which got added by the webpanel I'm using
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000/var/www/vhosts/example.com/httpdocs/$1
Commenting out this line and adding
<FilesMatch \.php$>
SetHandler "proxy:fcgi://127.0.0.1:9000"
</FilesMatch>
instead solved it. Now calls to php scripts are still using PFP-FPM, but htaccess and other directives are working now as expected!
Thanks again so much for all the help and comments, especially from @life888888
My Test Environment
Ubuntu 20.04
sudo apt update
sudo apt upgrade -y
sudo apt install apache2 -y
sudo apt install php php-fpm -y
sudo apt install libapache2-mod-fcgid -y
sudo a2enmod proxy_fcgi setenvif
sudo nano /etc/apache2/sites-available/000-default.conf
Within the <VirtualHost *:80> block, add the following lines:
<VirtualHost *:80>
...
# PHP-FPM Configuration
<FilesMatch \.php$>
SetHandler "proxy:unix:/run/php/php7.4-fpm.sock|fcgi://localhost"
</FilesMatch>
<Files "info.php">
Require all denied
</Files>
...
</VirtualHost>
Note: Ensure to replace php7.4-fpm.sock with the actual socket path for your PHP version. You can check this by looking into the /run/php/ directory.
Note: No .htaccess , I put it in /etc/apache2/sites-available/000-default.conf
sudo systemctl restart apache2
sudo systemctl restart php7.4-fpm
sudo nano /var/www/html/info.php
Add the following content:
<?php
phpinfo();
?>
sudo nano /var/www/html/info2.php
Add the following content:
<?php
phpinfo();
?>
use Firefox or curl open http://localhost/info2.php
use Firefox or curl open http://localhost/info.php
will get error:
403 Forbidden
You don't have permission to access this resource.
Apache/2.4.41 (Ubuntu) Server at localhost Port 80
IMPORTANT:
if test all ok , delete /var/www/html/info.php
and /var/www/html/info2.php
I am test all steps OK in my ubuntu 20.4
My test environment always starts with re-copying a cleanly initialized Ubuntu VM.