我正在使用 CodeIgniter,并在 .htaccess 中添加了一些规则,将所有对 index.php/a/b 的请求重定向到 /a/b
这些是规则:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
我想在 apache 中禁用目录列表,所以我添加了以下规则:
Options -Indexes
问题是,一旦我添加此规则,它会禁用目录列表,但也会将任何调用重定向到特定文件夹(不包含索引.* 文件)到 CodeIgniter 控制器(该控制器不存在,并生成 404 错误)。
之前:访问 /X 文件夹将返回目录列表
之后:访问 /X 文件夹将静默调用 index.php/X 并返回 404 错误。
我希望对 /X 及其中的任何子文件夹的任何访问都只会返回 403 禁止错误(或任何不涉及运行 php 脚本的错误),而不是调用 index.php/X (我希望用户能够访问 /X 及其子文件夹中的文件,但不允许用户查看 /X 及其子文件夹的目录列表)。
我尝试过,但没有成功:
- 添加
- 在
RewriteRule ^(.*)$ index.php 之前添加 RewriteCond $1 !^(X.*|/X.*) 规则/$1 [L](见上文)。这似乎不起作用。
我应该在 .htaccess 中写什么来解决这个问题?
I'm using CodeIgniter and I added some rules in .htaccess to redirect all requests to index.php/a/b to /a/b
These are the rules:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
I want to disable directory listing in apache, so I added the following rule:
Options -Indexes
The problem is that once I added this rule, it disables directory listing but also redirects any call to a specific folder (that doesn't contains an index.* file) to a CodeIgniter Controller (which doesn't exists, and generates a 404 error).
Before: access to a /X folder would return a directory listing
After: access to a /X folder would call index.php/X silently and return a 404 error.
I want that any access to /X and any subfolder in it simply return a 403 forbidden error (or any error that doesn't involve running a php script), not call index.php/X (I want to users to be able to access files in /X and its subfolders, but not allow users to see a directory listing of /X and its subfolders).
I have tried, without success:
- adding a
<Directory "/X"> rule. Looks like i can't use it in my .htaccess
- adding a
RewriteCond $1 !^(X.*|/X.*) rule before RewriteRule ^(.*)$ index.php/$1 [L] (see above). It doesn't seem to work.
What should I write in .htaccess to solve this problem ?
发布评论
评论(2)
要排除以
/X开头的任何文件夹,请使用下面添加的#1ReWriteCond。要为
/X和子目录返回 403,请取消注释 #1 之后的两行,并注释 #2 之后的行。顺序很重要,所以如果你想让它发挥作用,这条规则必须放在第一位To exclude any folder starting with
/Xuse the added #1ReWriteCondbelow.To return a 403 for
/Xand sub-directories, uncomment the two lines following #1, and comment the line following #2. Order is important, so this rule must come first if you want it to work您不能在 .htaccess 中使用
现在你的问题了。您想要检测对目录
/X的直接访问,并为此发送一个 http 错误代码。要将此规则扩展到所有不包含 index.php 文件的目录/foo或/foo/bar我只需编写:You cannot use
<Directory /X>in a .htaccess because a .htaccess is a<Directory>instruction, exported outside of the apache compiled configuration, and checked at runtime for every request. yes .htaccess is bad and performs very slow, but that also mean you could remove all your .htaccess and replace it with the right<Directory>things in the apache configuration files if you have access to such files.Now your problem. You want to detect directaccess to a directory,
/X, and send an http error code for that. To extend this rule to all directories/fooor/foo/barwhich do not contains index.php files I would simply write: