我希望限制访问我的网站的一些页面。我在PHP一些BL页，我想限制thier只能访问内部访问。

I want to limit the access for some pages in my web site. I have some BL pages in PHP and I want to limit thier access to only internal access.

我的意思是，我想，这些网页将被拒绝，如果用户键入他们的浏览器，但可以访问，如果另一个PHP页面会打电话给他们（用POST或GET请求）。

I mean that I want that these pages will be denied if the user type them in the browser, but will be accessible if another PHP page will call them (with POST or GET requests).

是否有可能做到这一点，在.htaccess文件？ 如果是，怎么了？

Is it possible to do that in the .htaccess file? If it is, how?

推荐答案

只是为了澄清，PHP页面是不是一个发送POST或GET请求，这是的浏览器的，这意味着你可以'T通过IP模块。所以，你需要在这里检查，对引用者。这一问题是引用者可以很容易伪造的，所以这是不能保证你会被拒绝访问。

Just to clarify, the php page isn't the one sending POST or GET request, it's the browser, which means you can't block by IP. So you need to be checking against the referer here. Problem with that is the referer can be easily forged so this is no guarantee that you'll be denying access.

您可以使用％中的mod_rewrite {HTTP_REFERER} 变量检查引用者，然后使用 F 标志拒绝访问：

You can check the referer using the %{HTTP_REFERER} variable in mod_rewrite and then use the F flag to deny access:

RewriteEngine On
# if the request's referer isn't from a php page on your site
RewriteCond %{HTTP_REFERER} !^https?://your-domain.com/.*.php
# deny access to the list of php files
RewriteRule ^(path/to/protected.php|path/another_protected.php|images/protected.png)$ - [L,F]