Prevent viewing certain .php files
Question
I'm using PHP with Apache and pretty URLs with mod_rewrite.
I have an index.php where I include some other .php files that contain the content.
Now I'd like to prevent people from viewing those (content only) .php files, unless they are included via my index.php script of course.
This is the RewriteRule I'm using:
RewriteRule ^/?([a-zA-Z0-9/-]+)/?$ /index.php [NC,L]
It rewrites every request to the index.php where requests are handled and content is included accordingly.
Is there a way to do this with mod_rewrite , ie my .htaccess ? To generally deny access to .php files or something like that?
Thanks!
3 answers
solution1
4 2010-11-20 23:21:50
在您的索引文件中放置一个常量,然后在每个php文件中执行以下操作:
defined('ALLOWED') or die('No direct script access.');
solution2
4 2010-11-21 01:44:46
Keep your PHP files (except index.php) out of the web root. You can still include/require them from your code, but people won't be able to access them by URL.
solution3
2 ACCPTED 2010-11-20 23:32:00
How do you access these files currently if all requests are rewritten to index.php?
You should not need to deny access.
Use
RewriteRule ^(.*)$ index.php [L]
and handle everything else in PHP.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.