.htacess 拒绝子目录访问,但保留 URL(强制 403?)
我一直在接近我想要的东西,但我还没有完全实现。基本上,我需要阻止对子目录的直接访问,但将其视为自定义错误消息而不是重定向。我需要维护 URL,以便 index.php 文件可以看到请求的文件名,并根据它过滤站点成员权限,然后返回文件本身。我认为,如果我可以在拒绝访问时强制出现 403 错误,那么 ErrorDocument 将接管。以下 .htaccess 位于“files_dir”目录中。 ErrorDocuments 已经为我工作了一段时间,但拒绝访问带来了麻烦:
<Files ~ "^/files_dir/protected_dir/.*$">
Order allow,deny
Deny from all
Satisfy All
</Files>
ErrorDocument 404 /files_dir/index.php
ErrorDocument 403 /files_dir/index.php
ErrorDocument 405 /files_dir/index.php
I keep getting close to what I want, but I'm not quite there. Basically, I need to block direct access to a subdirectory, but treat it like a custom error message and not a redirect. I need to maintain the URL so that an index.php file can see the requested filename, and filter site member permissions against it, and then return the file itself. I think, if I can force a 403 error on denied access, then the ErrorDocument would take over. The following .htaccess is in the "files_dir" directory. the ErrorDocuments have already been working for me for a while, but the denied access is giving trouble:
<Files ~ "^/files_dir/protected_dir/.*$">
Order allow,deny
Deny from all
Satisfy All
</Files>
ErrorDocument 404 /files_dir/index.php
ErrorDocument 403 /files_dir/index.php
ErrorDocument 405 /files_dir/index.php
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我会用重写规则来解决这个问题:
这不会导致重定向(URL 在浏览器中保持不变),但会返回 403 Forbidden。
I would approach this with a rewrite rule:
This won't cause a redirect (the URL would stay intact in the browser), but would return 403 Forbidden.
不明白为什么你想让 apache 发送 403。你可以用 php 来做到这一点。您唯一需要的是将受保护目录中的所有 url 重写为index.php。
然后在PHP中
Don't get why you want apache to send the 403. You could just do that with php. The only thing you need is to rewrite all urls in the protected dir to index.php.
then in php