[英]Block index.php everywhere except in the root directory with .htaccess
I have a folder structure like this: 我有这样的文件夹结构:
subdir
|_ subsubdir
|_ index.php
|_ other_stuff.php
|_ images
|_ pic.jpg
.htaccess
config.ini
index.php
Content of the .htacces file: .htacces文件的内容:
Options +FollowSymLinks -MultiViews -Indexes
Order Deny,Allow
<FilesMatch "(\.ini$)|(\.php$)|(^\.)">
Deny from all
</FilesMatch>
<Files index.php>
Allow from all
</Files>
My goal is to keep users from viewing subdir/subsubdir/index.php (and all other *.php files, no matter where, but this works already) but allow them to see the index.php in the root directory. 我的目标是阻止用户查看subdir / subsubdir / index.php(以及所有其他* .php文件,无论在什么地方,但这已经可以使用),但允许他们在根目录中查看index.php。
Currently, the user is obviously still able to see subdir/subsubdir/index.php, because all files named "index.php" are allowed, but I have no idea how to allow just the one in the root directory and deny all others. 目前,用户显然仍能够看到子目录/ subsubdir / index.php的,因为一个名为“的index.php”中的所有文件都是允许的,但我不知道如何让只是一个在根目录下,并拒绝所有其他人。 I have tried different things but endet up either completely denying or allowing them all.
我尝试了不同的方法,但是忍受了要么完全拒绝,要么全部允许。
I feel like this should be a very easy task but I just can't figure it out. 我觉得这应该是一个非常容易的任务,但我只是想不通。
Things I have tried: 我尝试过的事情:
<FilesMatch "\.\/index\.php">
Allow from all
</FilesMatch>
---
<FilesMatch "^index\.php$">
Allow from all
</FilesMatch>
---
<Files ./index.php>
Allow from all
</Files>
---
<Files /index.php>
Allow from all
</Files>
Comment out both FilesMatch
blocks: 注释掉两个
FilesMatch
块:
And use this code: 并使用以下代码:
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/index\.php$ [NC]
RewriteRule ^\.|\.(ini|php)$ - [F,NC]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.