如何从我的 apache2 网页中删除.php 文件扩展名

Question

I'm running a php web application inside /var/www/html/app, i'm trying to modify the apache configuration so that.php file extensions are hidden from the browser. I've read multiple other answers on stack-overflow, but none of the solutions work for me.

My application is in /var/www/html/app

My website uses HTTPS and the configuration file i have been modifying is:

/etc/apache2/sites-enabled/application-ssl.conf

The contents of the conf file is:

<VirtualHost *:443>
    # The ServerName directive sets the request scheme, hostname and port that
    # the server uses to identify itself. This is used when creating
    # redirection URLs. In the context of virtual hosts, the ServerName
    # specifies what hostname must appear in the request's Host: header to
    # match this virtual host. For the default virtual host (this file) this
    # value is not decisive as it is used as a last resort host regardless.
    # However, you must set it for any further virtual host explicitly.
    #ServerName www.example.com

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html
    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    ServerName myapplication.com 
    DocumentRoot /var/www/html

    SSLEngine on 
    SSLCertificateFile /etc/ssl/myapplication_com.crt
    SSLCertificateKeyFile /etc/ssl/private/myapplication.com/myapplicationcom.key 
    SSLCertificateChainFile /etc/ssl/myapplication_com.ca-bundle

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf


SecRuleEngine On




<IfModule mod_headers.c>
  <Directory />
    Header always set X-XSS-Protection "1; mode=block"
    Header always set x-Frame-Options "SAMEORIGIN"
    Header always set X-Content-Type-Options "nosniff"
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
    Header always set Referrer-Policy "strict-origin"
  </Directory>
</IfModule>

</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
<Directory /var/www/html/app>
Options +MultiViews
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.php [NC,L]
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all

        AuthType Basic
        AuthName "Restricted Content"
        AuthUserFile /etc/apache2/.htpasswd
        Require valid-user

</Directory>

Currently i have added:

Options +MultiViews
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.php [NC,L]
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all

As this seems to be the most recommended solution for apache2. I don't use a .htaccess file inside /var/www/html/app and Mod Rewrite is enabled

I can't see any change in my web application and when i access the files without php i get a 404 error and the following error in the log:

AH00687: Negotiation: discovered file(s) matching request: /var/www/html/app/betfinder (None could be negotiated).

How can i modify my configuration to make it work?

Answer 1

Try this:

RewriteCond /%{REQUEST_FILENAME}.php -f
RewriteRule ^([a-zA-Z0-9_-\s]+)/$ /$1.php

Answer 2

I got it working with this:

<Directory /var/www/html/app>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule (.*) $1.php [L]
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>