如何防止使用 CodeIgniter 直接访问文件
[英]How to prevent direct access to the files with CodeIgniter
问题描述
How can prevent direct access to the files like the folders/files in application?
如何防止直接访问应用程序中的文件夹/文件等文件?
I see in application folder are files .htaccess and index.html that include:我在应用程序文件夹中看到文件 .htaccess 和 index.html 包括:
.htaccess .htaccess
<IfModule authz_core_module>
Require all denied
</IfModule>
<IfModule !authz_core_module>
Deny from all
</IfModule>
index.html索引.html
<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
</head>
<body>
<p>Directory access is forbidden.</p>
</body>
</html>
i create a new folder in a root project directory with name: Customers where will be stored customers PDF files.我在根项目目录中创建一个新文件夹,名称为:Customers where will be stored customers PDF files。 I paste both files .htaccess and index.html from application to Customers but the PDF files are still able to direct access.我将两个文件 .htaccess 和 index.html 从应用程序粘贴到客户,但 PDF 文件仍然能够直接访问。
How to make them like application folder files to be able to access only the system?如何使它们像应用程序文件夹文件一样只能访问系统?
2 个解决方案
解决方案1
1 已采纳 2020-04-14 09:58:28
some how this way is working.一些这种方式是如何工作的。
Inside the Customers folder i put .htaccess like this one (replace domain with your) and will prevent direct access to files but will allowed access from the system在客户文件夹中,我将 .htaccess 像这样(将域替换为您的),将阻止直接访问文件,但允许从系统访问
RewriteCond %{REQUEST_FILENAME} ^.*(pdf|)$
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?domain\.com/ [NC]
RewriteRule . - [R=403,L]
解决方案2
0 2020-04-14 07:08:33
The best practice would be to store them outside of your public folder.最佳做法是将它们存储在您的公用文件夹之外。
To request these files you could use the answer given in another topic: how to access documents(.pdf.doc etc) which are stored outside of the root folder要请求这些文件,您可以使用另一个主题中给出的答案: 如何访问存储在根文件夹之外的文档(.pdf.doc 等)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.