Blow directories and files with .htaccess

0

I do not have much knowledge on .htaccess and I came across a project where it blocked some images that I uploaded to an img project folder.

RewriteRule ^(css|js|img)/(.*)$ statics/$1/$2 [L]

But other images in this folder loaded normally. The strange thing is that I searched for the name of the images they loaded inside the .htaccess file and did not find it. So I do not know how he blocked some and not some.

But by removing% with% of the rule all images will start to load.

RewriteRule ^(css|js)/(.*)$ statics/$1/$2 [L]

My questions are:

  • Why block loading of images in a project?

  • Removing img from the rule, am I exposing the security of my application in some way?

asked by anonymous 30.01.2018 / 16:07

1 answer

1

It depends on why this, if you do not want the leak of someone's photo can be useful.

Removing security (img) would not remove security (from the application), in my view, it would only remove privacy.

If you want to make only some images public, following the same reasoning you can do something like

RewriteRule ^(css|js|img)/((?!private_).*)$ statics/$1/$2 [L]

You can see this working here link
Just remove the private _ regex "matches"

    
30.01.2018 / 17:02