Question:
How can I allow and deny HTTP access to files based on file extensions? I need to deny access to all TXT files.
Answer:
Below you can find a simple example of how to control download access to files using a .htaccess file. In the first example, the following .htaccess code will block access to all files with a .txt file extension for all requests resulting in HTTP ERROR 403: Forbidden.
<FilesMatch ".txt">
Order Allow,Deny
Deny from All
</FilesMatch>
If download access is required on the basis of the source IP address, it is possible to allow access on an IP basis. The following code will deny access to all of them and then allow access to the .txt file to requests coming from e.g. 11.110.299.255 IP address:
<FilesMatch ".txt">
Order Deny,Allow
Deny from All
Allow from 11.110.299.255
</FilesMatch>