FREE THOUGHT · FREE SOFTWARE · FREE WORLD

Home  »  Htaccess  »  Using FilesMatch and Files in htaccess

by 15 comments

Files and FilesMatch to target multiple files and using Regular expressions using .htaccess files on Apache.

NOTE:FilesMatch should be used instead of Files when dealing with multiple files.


Adding UTF-8 content-type and and en-US language headers to files with extensions htm, html, css, js, and php

Setting charset in htaccess article

Using the Files Directive

<Files ~ "\.(htm|html|css|js|php)$">
AddDefaultCharset UTF-8
DefaultLanguage en-US
</Files>

Using the FilesMatch Directive (preferred)

<FilesMatch "\.(htm|html|css|js|php)$">
AddDefaultCharset UTF-8
DefaultLanguage en-US
</FilesMatch>

Other Examples using Files and FilesMatch in htaccess

Target a single file admin.php

<Files admin.php>
deny from all
</Files>

Target files that start with admin or staff and end in .php

<FilesMatch "^(admin|staff)\.php$">
AuthName "Dialog prompt"
AuthType Basic
AuthUserFile /web/username/.htpasswd
Require valid-user
</FilesMatch>

Target all files that end in .html or .htm

<FilesMatch "\.(html|htm)$">
AddDefaultCharset utf-8
DefaultLanguage en-us
</FilesMatch>

<FilesMatch> DirectiveDescription: Contains directives that apply to regular-expression matched filenamesSyntax:<FilesMatch regex> ... </FilesMatch>Context: server config, virtual host, directory, .htaccess

The <FilesMatch> directive limits the scope of the enclosed directives by filename, just as the <Files> directive does. However, it accepts a regular expression. For example:

<FilesMatch "\.(gif|jpe?g|png)$">

<Files> DirectiveDescription: Contains directives that apply to matched filenamesSyntax:<Files filename> ... </Files>

The <Files> directive limits the scope of the enclosed directives by filename. It is comparable to the and directives. It should be matched with a </Files> directive. The directives given within this section will be applied to any object with a basename (last component of filename) matching the specified filename. <Files> sections are processed in the order they appear in the configuration file, after the sections and .htaccess files are read, but before sections. Note that <Files> can be nested inside sections to restrict the portion of the filesystem they apply to.

The filename argument should include a filename, or a wild-card string, where ? matches any single character, and * matches any sequences of characters. Extended regular expressions can also be used, with the addition of the ~ character. For example:

<Files ~ "\.(gif|jpe?g|png)$">

would match most common Internet graphics formats. <FilesMatch> is preferred, however.

Note that unlike and sections, <Files> sections can be used inside .htaccess files. This allows users to control access to their own files, at a file-by-file level.

The configuration sections are applied in a very particular order. Since this can have important effects on how configuration directives are interpreted, it is important to understand how this works.

The order of merging is:

  1. (except regular expressions) and .htaccess done simultaneously (with .htaccess, if allowed, overriding )
  2. (and )
  3. <Files> and <FilesMatch> done simultaneously
  4. and done simultaneously

Apart from , each group is processed in the order that they appear in the configuration files. (group 1 above) is processed in the order shortest directory component to longest. So for example, will be processed before . If multiple sections apply to the same directory they are processed in the configuration file order. Configurations included via the Include directive will be treated as if they were inside the including file at the location of the Include directive.

Sections inside sections are applied after the corresponding sections outside the virtual host definition. This allows virtual hosts to override the main server configuration.

Later sections override earlier ones.

Technical Note: There is actually a / sequence performed just before the name translation phase (where Aliases and DocumentRoots are used to map URLs to filenames). The results of this sequence are completely thrown away after the translation has completed.

Tags

April 3rd, 2007

Comments Welcome

  • Nizam

    I am looking for one smart guy to answer this question.

    PURPOSE:
    I am trying to set the referrer as a cookie on every page but except 404 error page. Then, I can truly capture the real referrer at the time of a missing image, because when an image missing, error.php shows the its own page where it was missing, but I like to know the previous page where users came from. I hope you got my point. Thank you all.

    Options All -Indexes
     
    RewriteEngine On
     
     # is this correct? what is the negation?
    Header set Set-Cookie "my_referer=%{HTTP_REFERER}e; domain=.site.com"
     
    ErrorDocument 404 /error.php
  • richardbaxterseo

    Hi There

    Wondering if you can help me. I'd like to use the x-robots-tag to set a specific URL type to noindex in the server header.

    Using your example:

    Header append X-Robots-Tag "noindex"

    The url I'd like to block is:

    http://seogadget.co.uk/tools-to-speed-up-your-site/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+seogadget+%28SEOgadget%29

    but allow:

    http://seogadget.co.uk/tools-to-speed-up-your-site/

    So, I thought something like:

    Header append X-Robots-Tag "noindex"

    Might work. Am I close? Can a ?utm_source style query string be detected in this way? I think it's a glaring error in my syntax, but I could be wrong.

    Many thanks!

  • Steven

    Something's wrong here. Your examples don't make sense.

    E.g. under"Target all files that end in .html or .htm" the box following this "However, it accepts a regular expression. For example:"
    is empty.

    On top, the examples for "Using the Files Directive" and "Using the FilesMatch Directive (preferred)" are exactly the same two lines, etc. Not helpful.

  • Goulven

    Hi,
    You should probably escape "less than" and "greater than" signs on this page, so that Apache directives are not mistakenly interpreted by browsers as empty tags...

    Thanks for the information!

  • Kae Verens

    for anyone else that finds this article impossible to read, try reading the source instead.

    for the author - < and > - not

  • AskApache

    Thanks Kae, I was having serious problems throughout the site like that.. my source code plugin got messed up somewhere along the way.. looks like its fixed now, thanks!

  • Aamir

    I want Apache server to send

    Cache-control: no-store
    Pragma: no-cache

    http header to client browser. How to use your code in httpd.conf file? Where to put the code and how?

  • Aamir

    I want to add Cache-control and Pragma http header to some of the responses. How can i do that? Please help.

  • billc108

    This page apparently was copied as text from http://www.htaccesselite.com/using-filesmatch-and-files-htaccess-vt9.html
    and whomever did the copying didn't proof their work as this one is missing a bunch of stuff that's supposed to display between angle brackets.

    Go read the original, it makes more sense.

  • Peter

    Hi,

    What would this server log error mean?

    [path]/.htaccess:  without matching  section [path]
  • Matt

    Awesome! Saved me a ton of time. No wonder top google result :)

  • Tom Conte

    Hi Richard,

    Did you ever find a solution to your problem?

  • evden eve nakliyat

    Thanks for sharing. But Not working is
    why?


Related Articles


My Online Tools
Popular Articles


Hacking and Hackers

The use of "hacker" to mean "security breaker" is a confusion on the part of the mass media. We hackers refuse to recognize that meaning, and continue using the word to mean someone who loves to program, someone who enjoys playful cleverness, or the combination of the two. See my article, On Hacking.
-- Richard M. Stallman









[hide]

It's very simple - you read the protocol and write the code. -Bill Joy

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 License, just credit with a link.
This site is not supported or endorsed by The Apache Software Foundation (ASF). All software and documentation produced by The ASF is licensed. "Apache" is a trademark of The ASF. NCSA HTTPd.
UNIX ® is a registered Trademark of The Open Group. POSIX ® is a registered Trademark of The IEEE.

+Askapache | askapache

Site Map | Contact Webmaster | License and Disclaimer | Terms of Service

↑ TOPMain