如何编写.htaccess并保护Laravel中的站点文件和文件夹
[英]how to write .htaccess and protect sites files and folder in laravel
问题描述
i developed a website in laravel but problem is if someone know the name of files he can directly access that files of website which i don't want 
我在laravel开发了一个网站,但问题是,如果有人知道文件名,他可以直接访问我不想要的网站文件
JobScholar
app
Exceptions
Http
Mail
Models
Permission.php
Providers -
Role.php
User.php
.env
etc etc
application is working fine but what i want if user type 应用程序运行正常,但是如果用户输入我想要什么
http://localhost:8080/JobScholar/app/
or
http://localhost:8080/JobScholar/User.php/
he should rediret to home controller or see an error message 他应该重新分配到家庭控制器或看到错误消息
my .htaccess 我的.htaccess
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
Options -Indexes
ErrorDocument 403 http://localhost:8080/JobScholar/index
Options +FollowSymLinks
</IfModule>
RewriteEngine On
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /JobScholar/$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
## Don't listing directory
#Options -Indexes
#
## Follow symbolic links
#
#
## Default handler
#DirectoryIndex index.php
i don't want the user to access any of the file or directory the only directory and files he can see are only those whose routes are defines 我不希望用户访问任何文件或directory ,他可以看到的唯一目录和文件只是那些routes已定义的文件
1 个解决方案
解决方案1
0 2017-09-09 21:05:40
Laravel basic flow is that ALL the requests go through index.php file in public folder. Laravel基本流程是,所有的请求都通过index.php文件中的public文件夹。 So you have to make sure your server points all the request to that folder so index.php can serve and take care of the rest. 因此,您必须确保服务器将所有请求都指向该文件夹,以便index.php可以服务并处理其余的请求。
Quick fix is to create vHost file(assuming you're not on shared host). 快速解决方案是创建vHost文件(假设您不在共享主机上)。 Here's a sample: 这是一个示例:
<VirtualHost *:80>
ServerName www.site.com
ServerAlias site.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html/site_name/public
<Directory /var/www/html/site_name/public>
AllowOverride All
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
On apache server it will go in: 在apache服务器上,它将进入:
/etc/apache2/sites-available/
Then enable the site a2ensite site_name.conf 然后启用站点a2ensite site_name.conf
Finally point your site to server IP in /etc/hosts like so: 127.0.0.45 site.com 最后,将站点指向/etc/hosts服务器IP,如下所示: 127.0.0.45 site.com
Also be sure to enable mod rewrite using a2enmod rewrite so .htaccess provided by Laravel can make required rewrites to the URL. 此外,一定要使用能够国防部重写a2enmod rewrite这样.htaccess通过Laravel提供可以使需要重新写入的网址。
Finally restart apache: service apache2 restart 最终重新启动apache: service apache2 restart
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.