I have a bunch of files that are secure_xxxxxx.php. Is there a way to use .htaccess to block access to all the secure_* php files based on IP?
EDIT:
I've tried but I get 500 errors
<FilesMatch "^secure_.*\.php$">
order deny all
deny from all
allow from my ip here
</FilesMatch>
Don't see any errors in apache error logs either
httpd -M
Loaded Modules:
core_module (static)
authn_file_module (static)
authn_default_module (static)
authz_host_module (static)
authz_groupfile_module (static)
authz_user_module (static)
authz_default_module (static)
auth_basic_module (static)
include_module (static)
filter_module (static)
log_config_module (static)
logio_module (static)
env_module (static)
expires_module (static)
headers_module (static)
setenvif_module (static)
version_module (static)
proxy_module (static)
proxy_connect_module (static)
proxy_ftp_module (static)
proxy_http_module (static)
proxy_scgi_module (static)
proxy_ajp_module (static)
proxy_balancer_module (static)
ssl_module (static)
mpm_prefork_module (static)
http_module (static)
mime_module (static)
dav_module (static)
status_module (static)
autoindex_module (static)
asis_module (static)
info_module (static)
suexec_module (static)
cgi_module (static)
dav_fs_module (static)
negotiation_module (static)
dir_module (static)
actions_module (static)
userdir_module (static)
alias_module (static)
rewrite_module (static)
so_module (static)
fastinclude_module (shared)
auth_passthrough_module (shared)
bwlimited_module (shared)
frontpage_module (shared)
suphp_module (shared)
Syntax OK
Files seem to work fine.
Best Answer
You should be able to use the Files directive and mod_authz_host to achieve you goals.
For example:
See the references below.
http://httpd.apache.org/docs/current/mod/core.html#files http://httpd.apache.org/docs/current/howto/access.html
Or using FilesMatch and the older ACL syntax:
This should only allow access from localhost.