[英].htaccess: Redirect / to index.php and block everything else
I'm trying to protect my PHP files against direct access. 我试图保护我的PHP文件免遭直接访问。 What I want to allow is direct access to
index.php
and a directory called public
(with CSS, Images, etc.). 我要允许的是直接访问
index.php
和一个名为public
(带有CSS,Images等)的目录。 Access to the root directory /
should redirect to index.php
: 访问根目录
/
应该重定向到index.php
:
/ (root): allow -> redirect to index.php
+--index.php: allow
+--public
| +--... allow
+--[everything else]: block
My current .htaccess
file looks like this: 我当前的
.htaccess
文件如下所示:
order allow,deny
<Files index.php>
Allow from all
</Files>
<Files .htaccess>
Order Allow,Deny
Deny from all
</Files>
DirectoryIndex index.php
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^/$ /index.php [L]
</IfModule>
It basically works but won't redirect from /
to index.php
, instead Apache is giving me a 403 error. 它基本上可以正常工作,但是不会从
/
重定向到index.php
,相反,Apache给了我403错误。 What am I doing wrong? 我究竟做错了什么?
Look at the documentation for Order ...
, which you can find here . 查看
Order ...
的文档,您可以在这里找到。
Allow,Deny
允许否认
First, all Allow directives are evaluated;
首先,评估所有Allow指令; at least one must match, or the request is rejected.
至少一个必须匹配,否则请求被拒绝。 Next, all Deny directives are evaluated.
接下来,将评估所有“拒绝”指令。 If any matches, the request is rejected.
如果有匹配项,则请求被拒绝。 Last, any requests which do not match an Allow or a Deny directive are denied by default.
最后,默认情况下会拒绝所有与Allow或Deny指令不匹配的请求。
The request for /
does not match any rules, so there are no allow or deny directives for it, so it is denied by default. 对
/
的请求不符合任何规则,因此没有针对其的allow或deny指令,因此默认情况下被拒绝。 You fix it by explicitly allowing a request to /
, and creating a new .htaccess file in the public subdirectory to allow requests there. 您可以通过显式允许
/
的请求并在public子目录中创建一个新的.htaccess文件以允许该请求来解决此问题。
In /.htaccess
: 在
/.htaccess
:
order allow,deny
<Files ~ "^(index\.php|)$">
Allow from all
</Files>
<Files .htaccess>
Order Allow,Deny
Deny from all
</Files>
DirectoryIndex index.php
And in /public/.htaccess
: 在
/public/.htaccess
:
Order allow,deny
Allow from all
Screencast of this working: https://www.screenr.com/BLfN 此工作的截屏视频: https : //www.screenr.com/BLfN
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.