[英]How do you prevent direct access to a file in Apache?
我想阻止用户通过其URL直接访问目录中的文件,但仍然希望能够通过include
或require
函数在PHP程序内使用它们。
It is possible to put a .php
file outside of the public_html folder. 可以将
.php
文件放在public_html文件夹之外。 For example, if your public_html folder is at /my/domain/public_html/
you could put your PHP files in /my/domain/php_files/
and still access it from scripts within the public_html folder by using absolute or relative paths, but since it is outside of the public folder it will not be accessible over the web. 例如,如果您的public_html文件夹位于
/my/domain/public_html/
,则可以将PHP文件放在/my/domain/php_files/
并且仍然可以使用绝对路径或相对路径从public_html文件夹中的脚本访问它,但是由于位于公用文件夹之外,因此无法通过网络访问。
Keeping files outside of the public document folder is recommended best practice for configuration files etc. for security reasons. 为了安全起见,建议将配置文件等的最佳实践保存在公共文档文件夹之外。
Mention the below line in your .htaccess
file. 在
.htaccess
文件中提及以下行。 It'll definitely solve your problem. 肯定会解决您的问题。
RewriteRule ^includes/ - [R=404,L,NC]
<Files conf.inc.php>
order allow,deny
deny from all
</Files>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.