[英]Rewrite PHP file names to cgi with htaccess and deny access to php files
I rewrite the file name of php files with below htaccess code : 我用下面的htaccess代码重写php文件的文件名:
ErrorDocument 404 /notfound.html
AddType application/x-httpd-php .cgi
RewriteEngine on
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [F,L]
RewriteRule ^(.*)\.cgi $1\.php
What I want to do : can I restrict access to php files too ? 我想做什么:我也可以限制对php文件的访问吗? for example if visitor want to see
page.php
get the 404 error and when want to see main.cgi
page can see the page without error , is it possible ? 例如,如果访问者希望看到
page.php
得到404错误,而想要看到main.cgi
页面则可以看到没有错误的页面,这可能吗?
if I can't do this with just htaccess , what's the best solution ? 如果我不能仅凭htaccess做到这一点,最好的解决方案是什么?
You could achieve what you want by having the php files outside of your public folder, than have your index.php file include them 您可以通过将php文件放在公用文件夹之外来实现所需的功能,而不是将index.php文件包括在内
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [F,L]
and in index.php something like 和在index.php中类似
$validFiles = array('page', 'about', 'gallery');
$requestedFile = str_replace('.cgi', '', trim($_SERVER['REQUEST_URI'], '/');
if(in_array($requestedFile, $validFiles ))
{
// ../ goes into the parent folder, and code is a sibling of your public folder
include '../code/'.$requestedFile.'.php';
}
else
{
// file not found stuff or index here
}
Though I would question why you need to use the .cgi extension at all, is that something to do with your host, or a legacy requirement? 尽管我会问为什么您根本需要使用.cgi扩展名,但这与您的主机有关,还是有遗留要求? because with htaccess you can have clean urls like
因为有了htaccess,您可以拥有干净的网址,例如
mydomain.com/products/widget/ mydomain.com/products/widget/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.