1.Files:
(1) apply to matched filenames (支援”*”, “?”)
<Files *.ini>
deny from all
</Files>
<Files "?at.*">
# This would apply to cat.html, bat.html, hat.php and so on.
</Files>
(2) Some File need to keep secret (“~” => 用 Regular expressions)
<Files ~ "\.(htaccess|htpasswd|ini|bak|old|log|sh|sql)$"> deny from all </Files>
(3) php, html, js等副檔名不能存取
<Files ~ "\.(php|html|htm|js)$"> deny from all </Files>
2.FilesMatch:
apply to regular-expression matched filenames
<FilesMatch "\.(gif|jpe?g|png)$"> </FilesMatch>
應用
(1)Block files start with “.” (i.e. .gitignore)
<FilesMatch "^\."> Order allow,deny Deny from all </FilesMatch>
(2)Block folders start with “.” (i.e. .git/ .vscode/ .history/)
<DirectoryMatch "^\.|\/\."> Order allow,deny Deny from all </DirectoryMatch>
* DirectoryMatch 不可以寫在 .htaccess
* 注意, “.well-known” 亦會被 block
進階版
<DirectoryMatch "^\.|\/\.(?!well-known)"> Require all denied </DirectoryMatch>