Deny Directory with .htaccess


I want to deny all users access to a directory on my site. I’ve tried the and directives in .htaccess but I keep getting a server error. I suspect my syntax is wrong but I am having trouble finding the corrcet syntax. I don’t want to password protect it I just want to deny all web access to the directory.

<Directory /path/to/diretcory>
order allow,deny
deny from all

I’ve tried both relative directory /directory and full path on the server.

Any help would be appreciated.


Do you want to restrict access to listing files in the directory (which you can do with “Options -indexes”, creating a blank index page, or removing execute permissions on the directory to “other”), or do you want to prevent any files in the directory from being accessed via the web?

If the latter, I have to ask - why not just put the directory outside of your web space in the first place?


It is the latter … I want to be able to allow access at a later date. For now I just need to use it as a store for some future materials.

Thank you very much for your help - this does exactly what I want it to.

The reason this doesn’t work is because the contents of a .htaccess file are, in effect, already wrapped in [font=Courier][/font] tags. The .htaccess file applies rules to the directory that it’s in, you don’t need to tell it which directory again.

I know this is a seven year old thread, but I’m putting the answer here for the googlers. This, for some reason, ranks fairly high in the search results for “deny directory access htaccess” or something of that nature.

You are the knowledge god. I’m looking for exactly this answer, and after seven years you plunk it down 2 hours before I need to find it. We humans are not worthy of your prescience!

[the key bit for me was putting the .htaccess into the particular directory where browsing is to be turned off, and not in the root where it will have a site-wide effect. thx.]