下面是我的的.htaccess 的

<Files *>
  Order Deny,Allow
  Deny from all
</Files>

<Files index.php>
  Order Deny,Allow
  Allow from all
</Files>

这是行不通的，如果我输入主机名在我的浏览器造成的，它服务的index.php但是Apache似乎并不适用文件的说明，而是返回一个非允许的文件访问页，我需要键入全名的文件（如的index.php），以使其发挥作用。这是不是真的很方便......

This is not working, cause if I type the hostname in my browser, it serves the index.php but apache doesn't seem to apply the Files instructions and instead returns a non-allowed file access page, I need typing the fullname document (e.g. 'index.php') to make it work. which is not really convenient...

如何进行，如果我想用户的每个文件夹只有在我的网站的访问索引文件？ 所有其他文件都只是脚本包裹，所以我相信我做得对试图使他们的网络无法访问的（也可能不是，只要你有一个理由，证明另一种情况）。

how to proceed if I want users only access index files of each folder in my website ? all the other files are just script inclusions so i believe i'm doing right trying to make them inaccessible from the web (or maybe not, if only you have one reason to prove the other case).

无论上面的问题，是正确的方式来完成这项工作？ （我认为这两个指令这里是不是工整，但它是唯一的方法，也几乎是我所知避免的唯一途径访问文件）。

Regardless the question above, is it the right way to do the job ? (I think the two directives here are not neat but it's the only way, well almost the only way that I know to avoid accesses to files).

推荐答案

不知道是什么原因，你需要做到这一点，但您可以使用 mod_setenvif （无需包装这里面一个＆LT;文件＆GT; ）

Not exactly sure why you need to do this, but you can use mod_setenvif (no need to wrap this inside a <Files>)

SetEnvIf Request_URI ^/index.php$ index
Order Allow,Deny
Allow from env=index

这会导致访问hostname.com/到403，但允许hostname.com/index.php。如果你想允许/为好，只需添加

This will cause access to hostname.com/ to 403 but allow hostname.com/index.php. If you want to allow / as well, just add

SetEnvIf Request_URI ^/$ index

顶端。当然，这一切都将使它所以任何index.php的链接也将返回403。

to the top. Of course, all this will make it so anything that index.php links to will also return a 403.