如何阻止来自某些国家/地区的访问者访问我的网站 (xyz.com/thisFile.php) 上的文件?
我需要阻止来自某些国家/地区的访问者上传图像 - 但他们应该能够访问该网站。
例如,我有一个网站 xyz.com。按照我当前的设置方式,来自黑名单国家/地区的所有访问者都无法访问该网站本身,并且会收到 403 错误消息。当然,这不是一个好的解决方案,所以我想要进行设置,以便这些用户仍然可以访问和使用该网站,但无法上传图像(通过单击 xyz.com/upload/ 这是 xyz.com/upload_file.php 的别名) 。来自其他白名单国家/地区的所有其他用户显然都应该能够使用该网站的所有功能,但来自黑名单国家/地区的用户除外,他们不应该能够上传其图像。
我如何通过 .htaccess 确保情况如此?我目前在Cloudflare,.htaccess中的相关文本如下:
SetEnvIf CF-IPCountry AA UnwantedCountry=1
SetEnvIf CF-IPCountry BB UnwantedCountry=1
SetEnvIf CF-IPCountry CC UnwantedCountry=1
Order allow,deny
Deny from env=UnwantedCountry
Allow from all
谢谢。
I need to block visitors from certain countries from uploading images - but they should be able to access the site.
For e.g. I've a site xyz.com. The way I have it set up currently, all visitors from blacklisted countries are unable to access the site itself, and are greeted with a 403. This isn't a good solution, of course, so I want to set it up such that these users can still access and play around with the site, but NOT be able to upload images (which is through clicking on xyz.com/upload/ which is an alias for xyz.com/upload_file.php). Every other user from other whitelisted countries should obviously be able to use all of the site's functionalities, save for users from blacklisted countries, who should not be able to upload their images.
How could I ensure this is the case through .htaccess? I am currently on Cloudflare, and the relevant text in .htaccess is as follows:
SetEnvIf CF-IPCountry AA UnwantedCountry=1
SetEnvIf CF-IPCountry BB UnwantedCountry=1
SetEnvIf CF-IPCountry CC UnwantedCountry=1
Order allow,deny
Deny from env=UnwantedCountry
Allow from all
Thanks.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
将问题中的这些代码行更改为:
这将限制对这些国家/地区的访问仅限于文件
upload_file.php。Change those lines of code in your question with this:
This will restrict access to those countries only to the file
upload_file.php.它必须是别名吗?您可以创建一个
upload/文件夹,并将 .htaccess 放入其中吗?它可能需要更改一些upload_file.php逻辑,但这对我来说似乎是最简单的修复方法。Does it have to be an alias? Could you just create an
upload/folder, and put the .htaccess in there? It might require changing some of theupload_file.phplogic, but that seems like the easiest fix to me.我认为 .htaccess 文件可以放入 /any/ 子目录中。将文件上传代码移动到目录中并将 .htaccess 控件放在那里?
I think .htaccess files can be put into /any/ subdirectory. Move your file uploading code into a directory and put .htaccess controls there?