htaccess Difference Between Files and FilesMatch

Whilst writing the two recent articles about blocking xml-rpc access and the matching of files in htaccess.

.htaccess uses Files and FilesMatch to control access to files.

For example for the single file wp-config.php

<Files "wp-config.php">
Order Allow, Deny
allow from all
deny from 192.0.2.52
</Files>

There’s also

<FilesMatch "\.(gif|jpe?g|png)$">
Order Allow, Deny
allow from all
deny from 192.0.2.52
</FilesMatch>

So what’s the difference and when should each be used?

Well none really. Its all about presentation and making the reading of the file easier to view.

When reading down better to see the single Files entry and expect a corresponding single file, in this case wp-config.php. And to have a multiple match of files, as given a number of image extensions. Again the FilesMatch leads the reader to expect that the match will be multiple files.

In the above two examples the files section is used to define the matching criteria and to set the actions associated.

I’ve shown two different example of file selection, but both are configured to allow access to their respective matching files to all visitors, except the single IP address.

Both of the above to examples are code added to the file .htaccess in the root of the website with the purpose of governing the access to files of the website.

An example of this code in use is in the blocking of xml-rpc.