这是本质上的this问题但有一点需要注意:我想要拒绝直接访问一个名为index.php的根目录下的所有文件
This is essentially a duplicate of this question but with one caveat: I want to deny direct access to all files named index.php below the root directory.
允许: 的index.php
Allow: /index.php
拒绝: /application/views/settings/index.php
Deny: /application/views/settings/index.php
我知道我可以使用PHP来寻找一个定义的常量或变量,但有可能使用的.htaccess只是实现这一目标?这是我到目前为止有:
I know I can use PHP to look for a defined constant or variable, but is it possible to achieve this using .htaccess only? This is what I have so far:
##
# Disallow direct access to files.
#
<FilesMatch "^(.*).php$">
Order Deny,Allow
Deny from all
</FilesMatch>
<FilesMatch "^index.php$">
Order Allow,Deny
Allow from all
</FilesMatch>
添加第三个 FilesMatch
拒绝^(。*)/指数/指数的.php $
不工作。
您无法使用&LT做到这一点; FilesMatch
或&LT;文件&GT;
单独指令:您需要将它们与&LT相结合;目录
。例如:
You cannot do it with <FilesMatch
or <Files>
directive alone: you need to combine them with <Directory
. For example:
<Directory /var/www>
<FilesMatch ".php$">
Order Deny,Allow
Deny from all
</FilesMatch>
<FilesMatch "^index.php$">
Order Allow,Deny
Allow from all
</FilesMatch>
</Directory>
<Directory /var/www/*>
<FilesMatch ".php$">
Order Deny,Allow
Deny from all
</FilesMatch>
</Directory>
这里的缺点是,你应该修改的httpd.conf
或类似的文件,如&LT;目录&GT;
指令可以在的.htaccess
不能使用。
The catch here is that you should edit httpd.conf
or similar files, as <Directory>
directive cannot be used in .htaccess
.
如果您不能更新 .conf文件
文件和的.htaccess
是唯一的出路身边,你会要复制的规则显示每个目录中的的.htaccess
,我想。它是否比使用如果(定义(...))
招更好的,是你。
If you can't update .conf
files and .htaccess
is the only way around, you would have to copy the shown rule in each directory's .htaccess
, I suppose. Whether or not it's better than using if(defined(...))
trick, is up to you.