[英]htaccess prevent access to .php and allow only with RewriteRule
I have a file .htaccess with these RewriteRules: 我有一个带有这些RewriteRules的文件.htaccess:
RewriteEngine On
RewriteRule ^login$ login.php [L]
RewriteRule ^index$ index.php [L]
RewriteRule ^page/([^/]+)/?$ page.php?id=$1 [L,QSA]
It's possible to prevent direct access to all these files, but allow access only with RewriteRule 可以阻止直接访问所有这些文件,但只允许使用RewriteRule访问
For example if someone call: "domain.com/ login " should see the page. 例如,如果有人打电话:“domain.com/ login ”应该看到该页面。
But if someone call "domain.com/ login.php " should not (in this case should see a 403 or 404 error) 但如果有人打电话给“domain.com/ login.php ”不应该(在这种情况下应该看到403或404错误)
You can have an additional rule for blocking direct access to .php
files: 您可以使用其他规则来阻止对
.php
文件的直接访问:
RewriteEngine On
RewriteCond %{THE_REQUEST} /.+?\.php[\s?] [NC]
RewriteRule ^ - [F]
RewriteRule ^page/([^/]+)/?$ page.php?id=$1 [L,QSA]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{DOCUMENT_ROOT}/$1\.php -f [NC]
RewriteRule ^(.+?)/?$ /$1.php [L]
You can add this line 您可以添加此行
RewriteRule login.php$ 403.php
EDIT: 编辑:
I'm sorry this won't work because of Internal Redirection 对不起,因为内部重定向,这不起作用
Try this 尝试这个
RewriteCond %{ENV:REDIRECT_STATUS} !200
RewriteRule login.php$ 403.php [L]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.