使用 .htaccess 拒绝直接请求
有什么方法可以使用 .htaccess 拒绝对我网站特定部分的直接请求,例如 www.example.com/XXXXXX
我只想允许 Referer 仅对 XXXXXX。我知道我必须以某种方式使用 HTTP_REFERER 来实现我的目标,但目前我正在使用其他 .htaccess 规则,并且不确定如何将所有规则组合在一起。这就是我现在在 .htaccess 中的内容
选项+FollowSymlinks RewriteEngine 在 RewriteCond %{REQUEST_FILENAME} 上!-f 重写规则 ^([^/]+)$ /index.php?page=$1 [QSA,L]
Is there any way to use .htaccess to deny direct Request to a specific part of my website e.g. www.example.com/XXXXX
I only want to allow Referer only to XXXXXX. I know that I have to use HTTP_REFERER somehow to accomplish my goal but currently I am using other .htaccess rules and not sure how to combine all rules together. This is what I have right now in my .htaccess
Options +FollowSymlinks RewriteEngine
on RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^/]+)$
/index.php?page=$1 [QSA,L]
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
首先,我不确定我是否正确理解你的问题,但无论如何我都会尝试一下。
目前您拥有:
您还需要的是:
.htaccess
RewriteRule按其出现的顺序进行检查,因此您可能想做这样的事情,尽管我立场正确,因为还没有' t 有机会检查它是否有效:也就是说,首先检查它是否是一个名为 index.php 的参数文件,该文件应该被重写,如果不是(没有
L标志),则继续下一个规则首先获取新条件,然后如果规则有效,则限制访问(抛出 HTTP 403)。这有道理吗?
无论如何,请尝试上面的 .htaccess 示例,因为正如我所说,我无法测试它。
First of, am not sure i understand correctly your question, but i give it a try anyway.
Currently you have:
What you'd need in addition is:
.htaccess
RewriteRule's are checked in the order they occur, so you might want to do something like this, although I stand corrected because haven't had a chance to check if it'd work:That is, first check if it's an argumented file named index.php which should be rewritten, if not (no
Lflag), go on for the next rule first grabbing a new condition, then if the rule validates, restrict access (throw HTTP 403).Does this make sense?
Anyway, please experiment with the above .htaccess example because as I said, I couldn't test it.