htaccess rewriteRule限制访问某一特定文件夹问题
我在限制文件夹 inc 时遇到问题。
它只是根目录中的 inc 文件夹,而不是层次结构中更高的 inc 文件夹
问题是:
IE 将启动下载/打开对话框, p>
FF 显示包含文件
我的图像文件夹没有这个问题,该文件夹也位于根目录中。
请问我可以用什么逻辑来防止这种情况发生?
Options +FollowSymlinks
RewriteEngine On
Options All -Indexes
IndexIgnore *
# RewriteRule ^inc($|/) - [R=403,L]
RewriteCond %{HTTP_REFERER} !^http://([-a-z0-9]+\.)?taxi-bel\.nl [NC]
RewriteRule \.(gif|png|jpg|css|js)$ - [F,NC,L]
#################################################### ##################################################
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php?url=$1 [QSA,L]
############################################ RewriteCond %{HTTP_HOST} ^www.(.) [NC] RewriteRule ^(.)$ http://%1/$1 [R=301,NC,L]
编辑因为
我通过添加此规则解决了问题 DirectoryIndex index.php
和 将index.php放置在指向错误文件的inc文件夹中, - 或者您可以将其设置为错误页面本身 - 以及问题解决了!
I have problem with getting the folder inc restricted.
It is only the inc folder in the root directory and not the inc folders higher up the hierarchy
Problems are:
IE will start a download/open dialog and
FF displays an include file
I don´t have this problem with the images folder which is also in the root directory.
What logic could I use to prevent this, please?
Options +FollowSymlinks
RewriteEngine On
Options All -Indexes
IndexIgnore *
# RewriteRule ^inc($|/) - [R=403,L]
RewriteCond %{HTTP_REFERER} !^http://([-a-z0-9]+\.)?taxi-bel\.nl [NC]
RewriteRule \.(gif|png|jpg|css|js)$ - [F,NC,L]
#######################################################################
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php?url=$1 [QSA,L]
#######################################################################
RewriteCond %{HTTP_HOST} ^www.(.) [NC]
RewriteRule ^(.)$ http://%1/$1 [R=301,NC,L]
Edit because
I solved the problem by adding this rule
DirectoryIndex index.php
and to place an index.php in the inc folder which points to an error file, - or you can make it the error page itself -, and problem solved!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您注释掉的规则可以做到这一点:
And I'd宁愿发送 404 而不是 403。但这需要 Apache 2。
The rule you commented out can do that:
And I would rather send a 404 than a 403. But this requires Apache 2.
如果您只想禁止通过网络服务器访问
inc
文件夹及其内容,您只需将.htaccess
文件放入inc
文件夹本身并禁止所有来自外部的访问。If you only want to disallow accessing the
inc
folder and its contents via the webserver ayou can simply put a.htaccess
file in theinc
folder itself and disallow all accesses from outside.