[英]how to write .htaccess and protect sites files and folder in laravel
i developed a website in laravel but problem is if someone know the name of files he can directly access that files of website which i don't want 我在laravel开发了一个网站,但问题是,如果有人知道文件名,他可以直接访问我不想要的网站文件
JobScholar
app
Exceptions
Http
Mail
Models
Permission.php
Providers -
Role.php
User.php
.env
etc etc
application is working fine but what i want if user type 应用程序运行正常,但是如果用户输入我想要什么
http://localhost:8080/JobScholar/app/
or
http://localhost:8080/JobScholar/User.php/
he should rediret to home controller or see an error message 他应该重新分配到家庭控制器或看到错误消息
my .htaccess 我的.htaccess
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
Options -Indexes
ErrorDocument 403 http://localhost:8080/JobScholar/index
Options +FollowSymLinks
</IfModule>
RewriteEngine On
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /JobScholar/$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
## Don't listing directory
#Options -Indexes
#
## Follow symbolic links
#
#
## Default handler
#DirectoryIndex index.php
i don't want the user to access any of the file or directory
the only directory and files he can see are only those whose routes
are defines 我不希望用户访问任何文件或directory
,他可以看到的唯一目录和文件只是那些routes
已定义的文件
Laravel basic flow is that ALL the requests go through index.php
file in public
folder. Laravel基本流程是,所有的请求都通过index.php
文件中的public
文件夹。 So you have to make sure your server points all the request to that folder so index.php
can serve and take care of the rest. 因此,您必须确保服务器将所有请求都指向该文件夹,以便index.php
可以服务并处理其余的请求。
Quick fix is to create vHost file(assuming you're not on shared host). 快速解决方案是创建vHost文件(假设您不在共享主机上)。 Here's a sample: 这是一个示例:
<VirtualHost *:80>
ServerName www.site.com
ServerAlias site.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html/site_name/public
<Directory /var/www/html/site_name/public>
AllowOverride All
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
On apache server it will go in: 在apache服务器上,它将进入:
/etc/apache2/sites-available/
Then enable the site a2ensite site_name.conf
然后启用站点a2ensite site_name.conf
Finally point your site to server IP in /etc/hosts
like so: 127.0.0.45 site.com
最后,将站点指向/etc/hosts
服务器IP,如下所示: 127.0.0.45 site.com
Also be sure to enable mod rewrite using a2enmod rewrite
so .htaccess
provided by Laravel can make required rewrites to the URL. 此外,一定要使用能够国防部重写a2enmod rewrite
这样.htaccess
通过Laravel提供可以使需要重新写入的网址。
Finally restart apache: service apache2 restart
最终重新启动apache: service apache2 restart
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.