oliverdavies.uk-old-sculpin/source/_posts/2012-05-23-apache-text-files.md

---
title: Prevent Apache from displaying text files within a web browser
nav: blog
slug: prevent-apache-displaying-text-files-within-web-browser
tags:
  - Apache
  - Code
  - Drupal
---
When you download [Drupal](http://drupal.org), there are several text files that are placed in the root of your installation. You don't want or need these to be visible to anyone attempting to view them in a browser - especially CHANGELOG.txt as that includes the exact version of Drupal you are running and could therefore have security implications. Rather than delete these files or change the file permissions manually for each file, I can add the following lines into my VirtualHost configuration:

    <Files ~ "\.txt$">
      Order deny,allow
      Deny from all
    </Files>

This prevents any files with a .txt extension from being accessed and rendered in a web browser.
Added the rest of the posts 2015-03-16 21:18:03 +00:00			`---`
			`title: Prevent Apache from displaying text files within a web browser`
Added main menu 2015-03-17 04:04:02 +00:00			`nav: blog`
Added the rest of the posts 2015-03-16 21:18:03 +00:00			`slug: prevent-apache-displaying-text-files-within-web-browser`
			`tags:`
			`- Apache`
			`- Code`
			`- Drupal`
			`---`
			When you download [Drupal](http://drupal.org), there are several text files that are placed in the root of your installation. You don't want or need these to be visible to anyone attempting to view them in a browser - especially CHANGELOG.txt as that includes the exact version of Drupal you are running and could therefore have security implications. Rather than delete these files or change the file permissions manually for each file, I can add the following lines into my VirtualHost configuration:

			`<Files ~ "\.txt$">`
			`Order deny,allow`
			`Deny from all`
			`</Files>`

			`This prevents any files with a .txt extension from being accessed and rendered in a web browser.`