Redirecting directory to 403

Been banging my head against this all day.

I want to deny access to a few directories, sending either 404 or 403 redirects.
The directories are related to matomo server.

The folders and files I’m trying to deny access to are:

The .htaccess below is doing something as the http->https redirect is working fine.
the server is however still happily allowing access to the directories and files in the list.

Im just a lowly front end dev and I know way too little about any of this stuff. Any help would be greatly appreciated.

RewriteEngine On

order deny,allow                                                                                                                                                      
deny from all
allow from

RewriteCond %{HTTPS}  !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R]

RewriteRule ^(config|tmp|core|lang).*$ - [F,L,NC]

## I also attempted to target the ini.php file with this line... 
## RewriteRule ^ini\.php$ - [F,L,NC]

DO you have litespeed ent on your server

nope, openlitespeed

all rules are not compatible with ols

are you saying: not all rules are compatible, or: ‘all-rules’ are not compatible?

okay, so I guess I need to edit the vhost file then? I should be able to block access there, right?

what would a vhost rule like this look like?

I have searched the forums for an answer but no one ever seems to get past this point.

I’m at it again and I have progress to report:
I have now put this in the vHost Conf field in cyberpanel:

rewrite  {
  enable                  1
  autoLoadHtaccess        1
  RewriteRule ^/(config|tmp|core|lang).*$ - [F,L,NC]

This kind of solves the problem in that it renders the contents of the directories inaccessible, but it weirdly doesn’t send the forbidden error outright, but apparently causes a redirect loop, which is abandoned after 5 times, after which finally a redirect to 403.hml is sent… I guess?

my vh conf:

docRoot                   /home/{... snip ... }/stats
vhDomain                  $VH_NAME
vhAliases                 www.$VH_NAME
adminEmails               {... snip ... }
enableGzip                1
enableIpGeo               1

errorlog $VH_ROOT/logs/{... snip ... }.error_log {
  useServer               0
  logLevel                WARN
  rollingSize             10M

accesslog $VH_ROOT/logs/{... snip ... }.access_log {
  useServer               0
  logFormat               "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
  logHeaders              5
  rollingSize             10M
  keepDays                10
  compressArchive         1

index  {
  useServer               0
  indexFiles              index.php, index.html

errorpage 403 {
  url                     403.html

errorpage 404 {
  url                     404.html

errorpage 500 {
  url                     500.html

scripthandler  {
  add                     lsapi:{... snip ... } php

phpIniOverride  {


extprocessor {... snip ... } {
  type                    lsapi
  address                 {... snip ... }
  maxConns                10
  env                     LSAPI_CHILDREN=10
  initTimeout             60
  retryTimeout            0
  persistConn             1
  pcKeepAliveTimeout      1
  respBuffer              0
  autoStart               1
  path                    /usr/local/lsws/lsphp80/bin/lsphp
  extUser                 {... snip ... }
  extGroup                {... snip ... }
  memSoftLimit            2047M
  memHardLimit            2047M
  procSoftLimit           400
  procHardLimit           500

context /.well-known/acme-challenge {
  location                /usr/local/lsws/Example/html/.well-known/acme-challenge
  allowBrowse             1

  rewrite  {

  addDefaultCharset       off

  phpIniOverride  {


rewrite  {
  enable                  1
  autoLoadHtaccess        1
  RewriteRule ^/(config|tmp|core|lang).*$ - [F,L,NC]

vhssl  {
  keyFile                 /etc/letsencrypt/live/{... snip ... }/privkey.pem
  certFile                /etc/letsencrypt/live/{... snip ... }/fullchain.pem
  certChain               1
  enableECDHE             1
  renegProtection         1
  sslSessionCache         1
  enableSpdy              15
  enableStapling          1
  ocspRespMaxAge          86400

module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME