如何阻止直接请求到指定目录中的php文件?
[英]How to block direct requests to php files in specified directory?
问题描述
I have a master folder where I hold all of my resources such as js, css, images, etc. called /resources/. 
我有一个主文件夹,其中存放着所有资源,如js,css,图像等,称为/ resources /。
In /resources/, I have php files I include on pages of my website, however, they're currently directly accessible if entered into the browser. 在/ resources /中,我的网站页面上包含php文件,但是,如果将它们输入浏览器,则可以直接访问它们。
Is there a way for me to use .htaccess in that directory to prevent direct requests to any files of certain extensions such as PHP? 我是否可以在该目录中使用.htaccess来防止直接请求某些扩展名(例如PHP)的文件? Hotlinking prevention isn't really what I'm looking for. 防止热链接并不是我真正想要的。 I just need a way to kill any sort of direct request to these PHP files(in the /resources/ directory specifically) made by anything other than the website itself. 我只需要一种方法来杀死对除网站本身以外的任何其他东西(特别是在/ resources /目录中)的这些PHP文件的任何直接请求。
Any help is appreciated. 任何帮助表示赞赏。 Thank you very much. 非常感谢你。
1 个解决方案
解决方案1
6 已采纳 2012-11-29 01:20:21
Add a .htaccess in your /resources/ folder containing the following 在/resources/文件夹中添加一个.htaccess ,其中包含以下内容
<Files ~ "\.php$">
Order allow,deny
Deny from all
</Files>
It should prevent access to all .php files 它应该阻止访问所有.php文件
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.