堆栈内存溢出
  简体   繁体   English

.htaccess 只允许访问 index.php 和一个目录

[英].htaccess only allow access to index.php and a directory

 原文  2015-05-25 22:01:18       php/ regex/ apache/ .htaccess/ mod-rewrite

问题描述

I am using我在用

RewriteEngine On
RewriteRule ^.*$ ./index.php

to redirect all my website traffic through index.php and let my php code get the request_uri and route each request accordingly.通过 index.php 重定向我的所有网站流量,并让我的 php 代码获取 request_uri 并相应地路由每个请求。

I want to restrict access to all other files/directories except one that will contain the js files, css files, images etc.我想限制对所有其他文件/目录的访问,除了包含 js 文件、css 文件、图像等的文件/目录。

I found that to do that I can use:我发现要做到这一点,我可以使用:

Order deny,allow
Deny from all

<Files index.php>
    Order Allow,Deny
    Allow from all
</Files>

and then have another .htaccess file inside the public directory to allow certain file types.然后在 public 目录中有另一个 .htaccess 文件以允许某些文件类型。

When I navigate to localhost/mysite/index.php it works fine since the index.php file is accessible.当我导航到 localhost/mysite/index.php 它工作正常,因为 index.php 文件是可访问的。

But for any other url I get a 403, for example /mysite/home/ is forbidden even though I expected it to work normally.但是对于任何其他 url,我得到 403,例如 /mysite/home/ 被禁止,即使我希望它正常工作。

What can I do get the expected behavior?我该怎么做才能得到预期的行为?

My full .htacces file is:我的完整 .htaccess 文件是:

RewriteEngine On

RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f

RewriteRule ^.*$ ./index.php


Order deny,allow
Deny from all

<Files index.php>
    Order Allow,Deny
    Allow from all
</Files>

EDIT: The /public/.htaccess currently looks like this:编辑:/public/.htaccess 目前看起来像这样:

<Files ~ "\.(xml|css|jpe?g|png|gif|js|pdf)$">
  Allow from all
</Files>

2 个解决方案

解决方案1
 7 已采纳  2015-05-26 10:57:27

Try this code in /mysite/.htaccess :/mysite/.htaccess试试这个代码:

DirectoryIndex index.php
RewriteEngine On

RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteRule ^ index.php [L]

RewriteRule !^(public/|index\.php) [NC,F]

解决方案2
 1  2015-05-25 22:07:40

You can use:您可以使用:

RewriteEngine on

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule ^(.+)$ index.php

That is the .htaccess I use for my applications.那是我用于我的应用程序的 .htaccess。 In the public directory, I only place index.php and JS, CSS and images file that I need, so there is no need to filter them out.在public目录下,我只放了我需要的index.php和JS、CSS和图片文件,不需要过滤掉。 Any other file (such as uploads), are save to a folder outside of the public folder - so they are no accessible directly - only via a php script that reads them.任何其他文件(例如上传)都保存到公共文件夹之外的文件夹中 - 因此无法直接访问它们 - 只能通过读取它们的 php 脚本。 I believe that is "best practice".我相信这是“最佳实践”。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 .htaccess仅允许访问和重定向到仅一个目录的根index.php - .htaccess only allow access and redirect to root index.php for only one directory .htaccess 我如何只允许通过 index.php 页面访问页面 - .htaccess how can i allow access to pages only through the index.php page htaccess拒绝访问index.php作为目录索引 - htaccess is denying access to index.php as directory index 仅当bot要求时才允许直接url访问图像,否则使用.htaccess将url传递到index.php文件 - allow direct url access to image only if requested by bot otherwise pass url to index.php file using .htaccess htaccess不在子目录中显示index.php - htaccess to not show index.php in sub directory .htaccess重定向到任何目录中的index.php - .htaccess redirect to index.php in any directory .htaccess-仅适用于index.php /,不适用于/ - .htaccess - works only with index.php/ not with / 配置htaccess以只读index.php - Configuring htaccess to read only index.php 如何在Zend Framework项目中配置.htaccess以仅允许公用文件夹中的index.php - How to configure .htaccess in a Zend Framework project to allow only index.php in public folder 限制通过浏览器直接访问 .php 文件,只允许 index.php 访问它们 - Restrict direct access to .php files through browser and allow only index.php to access them
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM