Hello, I have read this article:
https://openlitespeed.org/kb/access-control/
added this to .htaccess
matomo directories
RewriteRule ^.git/.$ - [F,L]
RewriteRule ^core/.$ - [F,L]
RewriteRule ^config/.$ - [F,L]
RewriteRule ^lang/.$ - [F,L]
RewriteRule ^temp/.*$ - [F,L]
restarted litespeed - the rule is not working and the file path is available in a browser
when I loginto litespeed :7080 i see the rewrite table says: Rewrite Map (Disabled by CyberPanel)
so, how to deny access to directories?
Hello @ldavid
Why dont you use context like this
context {
uri /folderxyz/
accessControl {
deny
}
location folderxyz/
}
No in vHost config of the website
sorry, its not that clear. here is what I have in vhost in cyberpanel ( not litespeed)
docRoot $VH_ROOT/public_html
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails nick@ciso.com
enableGzip 1
enableIpGeo 1
errorlog $VH_ROOT/logs/$VH_NAME.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}
accesslog $VH_ROOT/logs/$VH_NAME.access_log {
useServer 0
logFormat “%h %l %u %t “%r” %>s %b “%{Referer}i” “%{User-Agent}i””
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}
index {
useServer 0
indexFiles index.php, index.html
}
scripthandler {
add lsapi:matci7618 php
}
phpIniOverride {
php_admin_value open_basedir “/tmp:$VH_ROOT”
}
extprocessor matci7618 {
type lsapi
address UDS://tmp/lshttpd/matci7618.sock
maxConns 10
env LSAPI_CHILDREN=10
initTimeout 600
retryTimeout 0
persistConn 1
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp81/bin/lsphp
extUser matci7618
extGroup matci7618
memSoftLimit 2047M
memHardLimit 2047M
procSoftLimit 400
procHardLimit 500
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
rewrite {
enable 0
}
addDefaultCharset off
}
rewrite {
enable 1
autoLoadHtaccess 1
}
vhssl {
keyFile /etc/letsencrypt/live/mat.ciso.com/privkey.pem
certFile /etc/letsencrypt/live/mat.ciso.com/fullchain.pem
certChain 1
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}
module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}
context {
uri /config/
accessControl {
deny
}
location config/
}
Now add the context below this context
that broke litespeed completely