I am trying to write .htaccess
rules to deny access to all .php
files in all subfolders but allow access to one single file in one of subdirectories and also using a RewriteRule
on that file, it works if Request URI
is not empty but when I access /
it shows Forbidden
Now I have :
<Files ~ "\.(php)$">
deny from all
</Files>
<Files Test.php>
allow from all
</Files>
Options +FollowSymLinks
Options All -Indexes
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ /Sub/Test.php [QSA]
How to make it to work as expected?
That's because when you request /
, it gets mapped to index.php
or whatever your index file is and this condition then fails:
RewriteCond %{REQUEST_FILENAME} !-f
You could add an additional or 'ed condition to also allow the /
request through:
RewriteCond %{REQUEST_URI} ^/$ [OR]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ /Sub/Test.php [QSA]
Actually all this blocking of .php
can be easily handled in just 2 rules. Consider this code:
RewriteEngine On
# block any request with `.php
RewriteCond %{THE_REQUEST} \s/.+?\.php[\s?] [NC]
RewriteRule ^ - [F]
# send all non-file, non-dir requests to /Sub/Test.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^.+$ /Sub/Test.php [L]
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.