.htaccess和Apache ModSecurity
[英].htaccess and Apache ModSecurity
问题描述
I have this .htaccess 
我有这个.htaccess
Options -Indexes
RewriteEngine On
RewriteBase /
# Force to exclude the trailing slash
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.*)/$
RewriteRule ^(.+)/$ $1 [R=307,L]
# Restrict php files direct access
# this part generate the problem
RewriteCond %{THE_REQUEST} ^.+?\ [^?]+\.php[?\ ]
RewriteRule \.php$ - [F]
# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?$1 [QSA,L]
But the apache write me this: 但阿帕奇给我写了这个:
ModSecurity: Warning.
How i must edit my htaccess? 我该如何编辑我的htaccess? Thanks guys. 多谢你们。
1 个解决方案
解决方案1
0 2016-11-22 13:32:22
As the first comment has said that you have a ModSecurity rule blocking your request. 正如第一条评论所说,您有一条阻止您的请求的ModSecurity规则。 If your hosting provider has enabled '--enable-htaccess-config' when building ModSecurity then you have access to disable that particular rule from an htaccess file. 如果您的托管服务提供商在构建ModSecurity时启用了“--enable-htaccess-config”,那么您可以从htaccess文件中禁用该特定规则。 You can use something similar to the following: 您可以使用类似于以下内容的内容:
<IfModule mod_security.c> SecRuleRemoveById 960032 </IfModule>
However, if your provider has not enabled this and you don't have access to any Apache configuration files (httpd.conf, etc). 但是,如果您的提供者尚未启用此功能,并且您无权访问任何Apache配置文件(httpd.conf等)。 Then you will have to contact your hosting provider to fix the issue. 然后,您将必须与托管服务提供商联系以解决此问题。 Sorry 抱歉
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.