Help with regular expression in .htaccess file

[127.0.0.1]

Using an .htaccess file I want to block all access (except from localhost) of files with one exception. The exception being image files ending with [b].thumb.*[/b] in the file name. The asterisk denoting jpg|jpeg|gif|png extensions.

Examples:
Allow access to [green]image4849.thumb.jpg[/green]
Deny access to [red]image4948.jpg[/red] and any other file [u]not[/u] containing ".thumb.*"

This is what I've come up with, it's a mess and obviously doesn't work... :-\

[code]
<FilesMatch "(.thumb.(gif|jpg|jpeg|png)$)">
    Order Allow, Deny
    Deny from all
    Allow from localhost
</FilesMatch>
[/code]

[Ninjakreborn]

http://linuxreviews.org/webdesign/htaccess/

[127.0.0.1]

Well with all due respect, I've read many sites like that including the documentation at apache.org, and that's why I've come here to get explicit help rather than a referral to another site.

Maybe my question is more of a regexp one and less an htaccess question? In that, I want my regexp to match everything BUT (*.thumb.jp?g|gif|png). I don't know how to tell FilesMatch to do that.

[effigy]

Your shouldn't need the outer parens, and periods are metacharacters in regex. Try [tt]\.thumb\.(gif|jpe?g|png)$[/tt]

[127.0.0.1]

[code]
<FilesMatch "\.thumb\.(gif|jpe?g|png)$">
    Order Allow, Deny
    Deny from all
    Allow from localhost
</FilesMatch>
[/code]
Still blocks access to all files -- it doesn't allow access to [tt].thumb.gif|jp?g|png[/tt] files. :-\

[effigy]

Your expression looks OK to me. I haven't Apache'd in a while, but based on an example in the docs, shouldn't it be[tt] Order Deny, Allow[/tt]?

Is localhost being picked up properly?

[127.0.0.1]

I tired [tt]Order Deny, Allow[/tt], still blocks any file containing [tt]thumb.gif|jp?g|png[/tt] with a (500) Internal Server Error message. I cannot tell if localhost works because I'm not on localhost.

[Ninjakreborn]

500 internal server means a misconfiguration of the htaccess file.
I personally didn't even know you could use regular expressions in an htaccess file

[127.0.0.1]

Yeah, I was just looking at the error logs, "[tt]order takes one argument, 'allow,deny', 'deny,allow', or 'mutual-failure'[/tt]"

I sort of have it working now:

[code]
<FilesMatch "\.thumb\.(gif|jpe?g|png)$">
order allow,deny
deny from all
</FilesMatch>
[/code]

Except, in reverse. :D

It's allowing access to everything but [tt]thumb.gif|jp?g|png[/tt] files. I want it to do the INVERSE; [u]allow[/u] access to [u]only[/u] [tt]thumb.gif|jp?g|png[/tt] files. That's what I've been struggling with all along.

[127.0.0.1]

I dug up an old PHP book and skimmed through some pages on regular expressions.

I got it to work using:

[code]
<FilesMatch "[^\.thumb]\.(gif|jpe?g|png)$">
order allow,deny
deny from all
</FilesMatch>
[/code]

I'm no expert, so if anyone sees an error in that, please let me know, and thanks for the help.

[effigy]

[tt][ ][/tt]'s denote a character class, meaning any one of the characters inside. The ^ changes the behavior from include to exclude. If Apache follows PCRE as it states, the expression will work for your case, but it will also allow a.gif, c.gif, etc.

[127.0.0.1]

Hmm. I made a file called [tt]a.gif[/tt] and [tt]whatever.a.gif[/tt] to test what you said, and Apache is correctly blocking access to them. Maybe I misunderstood what you just said.

[effigy]

This is getting confusing. The last FilesMatch that you showed--is it working both ways, from the outside and localhost?

[127.0.0.1]

Heh, I'm sorry for the confusion.

Yes, the last FilesMatch I showed is working as I want it now, both ways. Nothing can get accessed except a filename containing the word [tt].thumb[/tt] followed by the specified image extensions.