.htaccess deny all --> directoryindex not working (deny all & whitelisting files)

I would like to deny access to all files and directories on the server but a few ones that I explicitly allow. How can I do that with .htaccess? Why does my approach not work? I am aware I will have to allow .css, .jpg etc.

Director开发者_Python百科yIndex index.html

Order Deny,Allow
Deny from all
Allow from 127.0.0.1

<Files index.html>
  order Allow,Deny
  Allow from all
</Files>

edit: the above .htaccess gives me a "Forbidden" error when I try to access index.html. why?

edit: this seems to do the trick. I hope there are no holes left:

#Disallow everything
<filesmatch "\.+">
    Order Allow,Deny
    Deny from all
</filesmatch> 

#Allow index
<Files index.html>
  order Allow,Deny
  Allow from all
</Files>

#Allow peripheral files
<FilesMatch "\.(css|png|jpg|js|ico)$">
    Order Allow,Deny
    Allow from all
</FilesMatch>

IP address : 127.0.0.1 have access to your server and others don't.
this part:

<Files index.html>
  order Allow,Deny
  Allow from all
</Files>

set access to index.html for all users BUT remember because you did not mention anything about other files they have default access attributes.
for example the code below allow files: 01.jpeg or 01.html or anything ended with xml.

 <FilesMatch      !"(01\.jpe?g|01\.html|xml)$"> 
  order Allow,Deny
  allow from 127.0.0.1


</FilesMatch>