.htaccess。拒绝根目录,允许特定子文件夹。可能的?

发布于 2024-12-08 01:29:05 字数 415 浏览 1 评论 0原文

如何拒绝访问 http://sub.mydomain.com/,但允许(完全)< a href="http://sub.mydomain.com/test" rel="noreferrer">http://sub.mydomain.com/test (或 http://sub.mydomain.com/test/)

http://sub.mydomain.com/test/

How can I deny access to http://sub.mydomain.com/, but allow for (completely) http://sub.mydomain.com/test (or http://sub.mydomain.com/test/)

There is a magento back-end behind http://sub.mydomain.com/test/

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(6

思慕 2024-12-15 01:29:05

.htaccess 指令应用于该目录及其所有子目录,因此您应该禁止在 DocumentRoot 中进行访问,

http://sub.mydomain.com/.htaccess

Order deny,allow
Deny from all

并覆盖它在您希望允许访问的任何特定子目录中,

http://sub.mydomain.com/test/ .htaccess

Order allow,deny
Allow from all

.htaccess directives apply to that directory, and all subdirectories thereof, so you should disallow access in your DocumentRoot,

http://sub.mydomain.com/.htaccess:

Order deny,allow
Deny from all

And override that in any specific subdirectories you would like to allow access to,

http://sub.mydomain.com/test/.htaccess:

Order allow,deny
Allow from all
楠木可依 2024-12-15 01:29:05

根目录下的 .htaccess 怎么样,其中包含以下几行?

RewriteEngine On
# check if request is for subdomain
RewriteCond %{HTTP_HOST} ^sub.mydomain.com$ [NC]
# check if  'test' isnt part of request
RewriteCond %{REQUEST_URI} !^/test/?(.*)$ [NC]
# if subdomain and no 'test' part, redirect to main domain...
RewriteRule ^(.*)$ http://www.mydomain.com/$1 [R,L]

因此,如果存在“/test/”部分,则不会发生重定向...

How about a .htaccess at the root directory, with the following lines?

RewriteEngine On
# check if request is for subdomain
RewriteCond %{HTTP_HOST} ^sub.mydomain.com$ [NC]
# check if  'test' isnt part of request
RewriteCond %{REQUEST_URI} !^/test/?(.*)$ [NC]
# if subdomain and no 'test' part, redirect to main domain...
RewriteRule ^(.*)$ http://www.mydomain.com/$1 [R,L]

So if the '/test/' section is present, no redirect takes place...

捂风挽笑 2024-12-15 01:29:05

尝试在 sub.mydomain.com 中创建 .htaccess 文件以表示拒绝,并在 sub.mydomain.com/test 中创建 .htaccess 文件以表示允许。

或者您可以从 http://sub.mydomain.com/ 重定向以拒绝子目录。

Try create .htaccess file in sub.mydomain.com for deny, and in sub.mydomain.com/test for allow.

Or you can redirect from http://sub.mydomain.com/ to deny subdir.

短叹 2024-12-15 01:29:05

我知道这是一个非常古老的线程,但我已经为这种情况苦苦挣扎了好几天,终于让它工作了,因此我想我应该分享我的解决方案以供进一步参考。

从 Apache 版本 2.4 开始(我猜),可以使用指令
这可用于允许访问特定的子文件夹。

我的 .htaccess 解决方案(受此网站启发:https:// www.the-art-of-web.com/system/apache-authorization/):

SetEnvIf REQUEST_URI "^/test/.*" PUBLICACCESS
# Use for multiple subfolders:
# SetEnvIf REQUEST_URI "^/(?:test|test2|test3|test4)/.*" PUBLICACCESS
<RequireAny>
    <RequireAll>
        # Public access
        Require env PUBLICACCESS
        Require all granted
    </RequireAll>
    <RequireAll>
        # Require user and password
        AuthType Basic
        AuthName "Secured"
        AuthUserFile /var/www/example.com/.htpasswd
        Require valid-user
    </RequireAll>
</RequireAny>

I know this is a very old thread, but I've been struceling with exactly this scenario for several days and finally got it to work, thus I thought I'd share my solution for further reference.

As of Apache version 2.4 (I guess), it's possible to use directive <RequireAll> and <RequireAny>.
This can be used to allow access to specific subfolders.

My solution for .htaccess (inspired from this site: https://www.the-art-of-web.com/system/apache-authorization/):

SetEnvIf REQUEST_URI "^/test/.*" PUBLICACCESS
# Use for multiple subfolders:
# SetEnvIf REQUEST_URI "^/(?:test|test2|test3|test4)/.*" PUBLICACCESS
<RequireAny>
    <RequireAll>
        # Public access
        Require env PUBLICACCESS
        Require all granted
    </RequireAll>
    <RequireAll>
        # Require user and password
        AuthType Basic
        AuthName "Secured"
        AuthUserFile /var/www/example.com/.htpasswd
        Require valid-user
    </RequireAll>
</RequireAny>
两仪 2024-12-15 01:29:05

我正在使用 cpanel 支持的服务器,它将添加如下所示的 .htaccess 条目:

#----------------------------------------------------------------cp:ppd
# Section managed by cPanel: Password Protected Directories     -cp:ppd
# - Do not edit this section of the htaccess file!              -cp:ppd
#----------------------------------------------------------------cp:ppd
AuthType Basic
AuthName "Protected"
AuthUserFile "/home/****/.htpasswds/sites/****/passwd"
Require valid-user
#----------------------------------------------------------------cp:ppd
# End section managed by cPanel: Password Protected Directories -cp:ppd
#----------------------------------------------------------------cp:ppd

我想允许访问特定的子文件夹,解决方案是在该子文件夹中创建一个 .htaccess 文件并将以下内容放入其中:

Satisfy any

I'm using a cpanel powered server which will add .htaccess entries like the following:

#----------------------------------------------------------------cp:ppd
# Section managed by cPanel: Password Protected Directories     -cp:ppd
# - Do not edit this section of the htaccess file!              -cp:ppd
#----------------------------------------------------------------cp:ppd
AuthType Basic
AuthName "Protected"
AuthUserFile "/home/****/.htpasswds/sites/****/passwd"
Require valid-user
#----------------------------------------------------------------cp:ppd
# End section managed by cPanel: Password Protected Directories -cp:ppd
#----------------------------------------------------------------cp:ppd

I wanted to allow access to a specific subfolder, and the solution was creating an .htaccess file within that subfolder and placing the following inside:

Satisfy any
三生池水覆流年 2024-12-15 01:29:05

如果您已通过身份验证保护您的 DocumentRoot,则可以通过以下方式允许您的子文件夹:

http://sub .mydomain.com/test/.htaccess

require all granted
Order allow,deny
Allow from all

If you have protected your DocumentRoot by Auth, then you can allow your Subfolder by follow:

http://sub.mydomain.com/test/.htaccess:

require all granted
Order allow,deny
Allow from all
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文