防止直接访问 .htaccess 文件
[英]Prevent direct access to .htaccess file
问题描述
i need to prevent access to .htaccess file.
我需要阻止访问.htaccess文件。 my file is:我的文件是:
# secure htaccess file
<Files .htaccess>
order allow,deny
deny from all
</Files>
# disable directory browsing
Options All -Indexes
when i check URL :当我检查 URL 时:
http://localhost/cms/htaccess
I see .htaccess file data我看到.htaccess文件数据
How do i can prevent/deny access to .htaccess file?如何prevent/deny访问.htaccess文件?
2 个解决方案
解决方案1
4 已采纳 2014-02-07 07:49:27
You're blocking .htaccess but accessing http://localhost/cms/htaccess您正在阻止.htaccess但访问http://localhost/cms/htaccess
Try accessing http://localhost/cms/.htaccess尝试访问http://localhost/cms/.htaccess
If you want to block both try this FilesMatch directive with regex:如果你想阻止这两个尝试使用正则表达式的FilesMatch指令:
<FilesMatch "\.?htaccess$">
order allow,deny
deny from all
</FilesMatch>
解决方案2
1 2014-02-07 07:56:00
You can secure access Within an htaccess file itself, the scope of the directive only applies to that directory, See the below code.您可以安全访问在 htaccess 文件本身内,该指令的范围仅适用于该目录,请参阅以下代码。
To secure the htaccess file.
<Files "log.txt">
Order Allow,Deny
Deny from all
</Files>
In your htaccess file in your local.在您本地的 htaccess 文件中。 Also you can use mod_rewrite to sort of handle both cases deny & access to htaccess file as well as log.txt:您也可以使用 mod_rewrite 来处理拒绝和访问 htaccess 文件以及 log.txt 的两种情况:
RewriteRule /?\.htaccess$ - [F,L]
RewriteRule ^/?inscription/log\.txt$ - [F,L]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.