HTACCESS - 阻止除指定 SEO 友好 URL 之外的所有内容

发布于 2024-09-27 18:28:27 字数 806 浏览 1 评论 0原文

我还没有找到当前问题的所有答案。

这是网站的根目录：

cache
img
display.php
admin.php

我需要的是阻止所有文件的直接访问，只允许通过格式如下的 url 进行访问：

1 ht*p://sub.domain。 com/image/param/size/folder/img.jpg （param、size、folder、img 为参数）
2 ht*p://sub.domain.com/action/param1/param2/ (param1, param2 是参数)

1 将指向带有正确参数的 display.php
2 将指向具有正确参数的 admin.php
所有其他访问都必须是 404（最多）或 403

我的规则是（htaccess 位于 ht*p://sub.domain.com/）：

RewriteRule ^image/([^/]+)/([0-9]+)/([^/]+)/([^/]+)\.jpg display.php?param=$1&size=$2&folder=$3&img=$4 [L]
RewriteRule ^action/([^/]+)/([^/]+) admin.php?action=$1&param=$2 [L]

这些规则按我想要的方式工作，但我坚持如何阻止任何访问不是来自这些 URL！

另外（作为奖励）我希望能够在不同的网址上使用相同的 htaccess，而不必更改此文件。

提前致谢

原文

I haven't found all the answer to my current problem.

Here is the root of the site:

cache
img
display.php
admin.php

What I need is to block all the direct access of the files and allow only access via url formatted like that:

1 ht*p://sub.domain.com/image/param/size/folder/img.jpg (param, size, folder, img are parameters)
2 ht*p://sub.domain.com/action/param1/param2/ (param1, param2 are parameters)

1 would point to display.php with the correct parameters
2 would point to admin.php with the correct parameters
Every other access must be 404 (at best) or 403

my rules are (the htaccess is in ht*p://sub.domain.com/):

RewriteRule ^image/([^/]+)/([0-9]+)/([^/]+)/([^/]+)\.jpg display.php?param=$1&size=$2&folder=$3&img=$4 [L]
RewriteRule ^action/([^/]+)/([^/]+) admin.php?action=$1¶m=$2 [L]

Those rules work as I want to but I am stuck on how to block any access that does not come from those URL!

Also (as a bonus) I would like to be able to use the same htaccess on diferrent web address without having to change this file.

Thanks in advance

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

美人迟暮 2024-10-04 18:28:27

您是否尝试将图像移出公共文件夹并使用 php 调用该图像？

对于 PHP 文件，您可以使用 switch 语句 (http://www.php.net/switch)。

对于 admin.php 文件，您可以执行以下操作：

$get_action = $_GET['action'];

switch ($get_action) {
    case "edit":
    case "view":
    case "delete":
    case "add":
        //Continue loading the page
        break;
    default:
       header('HTTP/1.1 403 Forbidden');
       die();
}

注意：我不知道您的代码的外观或工作原理，但您可以根据我添加的代码有一个想法。

Have you try moving the image out of the public folder and use php to call the image in?

For the PHP files you can use the switch statement (http://www.php.net/switch).

For the admin.php file you can do something like:

$get_action = $_GET['action'];

switch ($get_action) {
    case "edit":
    case "view":
    case "delete":
    case "add":
        //Continue loading the page
        break;
    default:
       header('HTTP/1.1 403 Forbidden');
       die();
}

Note: I don't know how your code looks or works, but you can have an idea base on the code I added.

回复收藏 0 原文

~没有更多了~