I am able to see the contents of the json. I need to prevent this somehow
If you are using Apache, then you can use:
A
.htacessfileA
Directoryblock inhttpd.conf(better performance)
If you are using Lighttpd, then you can use:
- A
url.access-denydirective inlighttpd.conf
See below for instructions.
Apache - Using a .htacess file
Create a .htaccess file in the settings directory with the following content:
deny from all That will deny access to any file in that folder.
Note:
You should avoid using .htaccess files completely if you have access to httpd main server config file. Using .htaccess files slows down your Apache http server. Any directive that you can include in a .htaccess file is better set in a Directory block, as it will have the same effect with better performance.
Source Apache HTTP Server Tutorial: .htaccess files
Apache - Using a Directory block in httpd.conf
Add the following to your httpd.conf file
<Directory "/settings"> Require all denied </Directory> Lighttpd - Using a url.access-deny directive in lighttpd.conf
The
mod_accessmodule is used to deny access to files and directories.
Edit
/etc/lighttpd/lighttpd.conffile as follows:vi lighttpd.confAdd the following code to enable mod_access:
server.modules += ( "mod_access" )Add regex as follows:
# deny access to /settings $HTTP["url"] =~ "^/settings/" { url.access-deny = ("") }Save and close the file.
Check for syntax errors:
lighttpd -t -f /etc/lighttpd/lighttpd.confIf no errors then restart the
lighttpdweb server:service lighttpd restart
Source Lighttpd Deny Access To Folders / Directories. Script has been tweaked to match the requirements of the question.