在我的.htaccess文件我已经定义了以下规则，以使我的注册页面的网址为 http://example.com/register/

In my .htaccess file I have defined the following rule to make my register page URL as http://example.com/register/

RewriteRule register/ /register.php

以上规则是完全没有问题，但我可以从 http://example.com/register/ 从访问我的注册页面，以及http://example.com/register.php 。

我不希望出现这种情况的用户将能够从 http://example.com/register.php URL访问的URL，没有任何规则，我可以在.htaccess规定停止执行register.php URL或者只是重定向任何直接register.php请求/注册/

I don't want that user will be able to access the URL from http://example.com/register.php URL, is there any RULE which I can define in .htaccess to stop execution of register.php URL or simply redirect any direct register.php request to /register/

推荐答案

如果你这样做是为了避免让多个链接到相同的内容，你可以简单地不使用你的页面上的任何地方register.php。我想，没有搜索引擎会猜测的一个特定的文件类型，如果不存在安全问题，你是在安全方面，因为在我看来，没有用户会连接到这个文件无论是。但是，如果你想成为某些只是通过重新路由的index.php文件的所有功能，通过在你的.htaccess一行应放在您的www根目录中：

If you are doing this to avoid getting multiple links to the same content, you can simply don't use "register.php" anywhere on your page. I think no search engine will "guess" for a certain file type and if there are no security concerns you are on the safe side, because in my opinion no user will link to this file either. However if you want to be certain just reroute all your functionality through an index.php via one line in your .htaccess which should be placed inside your www-root directory:

RewriteEngine on
RewriteRule ^(.*?)$ index.php?file=$1

在你的index.php然后你可以简单地选择通过分解和检查$ _GET [档案]参数来调用该函数/文件。为了使100％肯定没有人可以访问您的register.php文件直接只需将它（和所有其他人）到一个单独的目录，包括.htaccess文件有以下行：

In your index.php you can then simply choose which function/file to invoke by breaking down and checking the $_GET["file"] parameter. To make 100% certain no one can access your register.php file directly just move it (and all your others) to a separate directory and include a .htaccess file with the following line:

DENY from all

有几个其他选项prevent直接访问。只要定义（）在你的index.php的地方，并在您的register.php顶部只是把一个变量

There are a couple of other options to prevent direct access. Just define() a variable somewhere in your index.php and at the top of your register.php just put

defined('access') or die('Intruder alert!');

在顶部。另一种方式可能是实话，只是告诉搜索引擎你的内容已被移动，他们不再应该使用旧的链接：

at the top. Another way could be to be honest and simply tell search engines that your content has been moved and that they no longer should use the old link:

header("Status: 301"); /* Content moved permanently */
header("Location: http://yourserver/Register/");
exit;

更新

还有一件事掠过我的头脑，你也可以检查 $ _ SERVER [REQUEST_URI] ，用户是否附加任何.PHP，并采取相应的行动要么拒绝访问完全或只是重定向到新的位置。

Just one more thing that crossed my mind, you can also check $_SERVER["REQUEST_URI"], whether the user attached any ".php" and act accordingly by either denying access completely or just redirecting to the new location.