Apache的RewriteMap指令用于prevent直接对文件的访问 [英] Apache RewriteMap Used to Prevent Direct Access to Files
问题描述
我想使用的RewriteMap指令函数的结果有条件地允许访问的目录。
其意图是读从cookie(my_cookie)时间戳,并将其通入RewriteMap指令(my_rewrite_map_func),其余在httpd.conf定义(这是其中回声字符串可执行TRUE或FALSE中的if时间戳标准输出饼干是有一定范围的当前时间的Apache)之内。
I am trying to use the result of a RewriteMap function to conditionally allow access to a directory.
The intention is to read a timestamp from a cookie (my_cookie) and pass it into the RewriteMap (my_rewrite_map_func) which I have defined in httpd.conf (It's an executable which echos strings "TRUE" or "FALSE" to stdout if the timestamp in the cookie is within a certain range of the current time in Apache).
RewriteMap my_rewrite_map_func prg:/var/www/program
我的.htaccess文件的内容是:
The contents of my .htaccess file are:
RewriteEngine On
RewriteCond %{HTTP_COOKIE} my_cookie=([^;]+) [NC]
RewriteCond ${my_rewrite_map_func:%{TIME}%1|FALSE},FALSE ^([^,]+),\1 [NC]
RewriteRule ^(.*)$ / [NC,L,QSA,F]
我可以证实,自己正在计划中,cookie被读取,和Apache时间戳和cookie的时间戳是在允许范围内。
I can confirm that the program itself is working, the cookie is being read, and the Apache timestamp and the cookie timestamp are within the allowed range.
在第二的RewriteCond检查正则表达式如果$返回值。{my_rewrite_map_func:%{时间}%1 | FALSE}为假,但是,不管是什么我设置为中,将重写规则不会发生
The regex on the second RewriteCond checks if the return value of ${my_rewrite_map_func:%{TIME}%1|FALSE} is FALSE, however, regardless of what I set this to, the RewriteRule never occurs.
从本质上讲,我不能确定如何评估值$ {my_rewrite_map_func:%{时间}%1 | FALSE}。有没有一种方法可以让我更好地提取或存放的该值?
Essentially, I cannot determine how to evaluate the value of ${my_rewrite_map_func:%{TIME}%1|FALSE}. Is there a way I can better extract or store the value of this?
任何帮助将是最AP preciated。
Any help would be most appreciated.
更新 - 解决方案: 我不知道为什么这个问题被标记为偏离主题,它涉及到保护HTML文件从一个PHP脚本通过使用mod_rewrite来调用C ++程序的Apache的.htaccess文件的方式。
UPDATE - SOLUTION: I'm not sure why this question was flagged as off topic, it relates to protecting html files from a php script by means of an Apache .htaccess file using mod_rewrite to call a C++ program.
无论如何,上述code完全在结合使用两个额外的线条时的处理不存在的cookie的情况:
Regardless, the above code works perfectly when used in conjunction with two additional lines to handle the case of the cookie not existing:
RewriteCond %{HTTP_COOKIE} !^.*my_cookie.*$ [NC]
RewriteRule ^(.*)$ / [NC,L,QSA,F]
希望这将有助于其他人谁经历过困难同样的问题;似乎很少有成功与网络上其他地方的这种
Hopefully this will help others who have experienced difficulty with the same issue; it seems there has been little success with this elsewhere on the web.
我的具体情况处理preventing直接访问HTML和其他文件,而无需直接修改它们,或使用下载脚本。 PHP code用于生成链接到这些文件,从中Javascript的执行AJAX调用来检索服务器的时间戳,并设置一个cookie的网页。在cookie中的时间戳是相对于时间的Apache在页面加载,如果它是在一定范围内允许访问。
My specific case deals with preventing direct access to html and other files without modifying them directly, or using a download script. PHP code is used to generate a page with links to these files, from which Javascript performs an ajax call to retrieve the server's timestamp and sets a cookie. The timestamp in the cookie is compared to the time in Apache at page load, if it's within a certain range access is granted.
推荐答案
下面是我该怎么办(你可能会认为这是一个很大的指令,但它的sooo快相比,PHP处理,你不应该担心5(或其它)电导率,而不是2(或其它)):
Here's how I do (you may think it's a lot of instructions, but it's sooo quick compared to PHP handling that you should not worry about 5 (or something) cond instead of 2 (or something)):
RewriteEngine On
RewriteCond %{HTTP_COOKIE} my_cookie=([^;]+) [NC]
# Don't touch anything but create MYCOOKIE environment
# and set it to empty if not found:
RewriteRule . - [E=MYCOOKIE:${my_rewrite_map_func:%{TIME}%1|}]
# If the environment was found = not empty:
RewriteCond %{E:MYCOOKIE} !^$ [NC]
# ... then process a rewrite rule:
RewriteRule [blabla...blabla]
我做一些类似的东西50倍,我的Web服务器仍然是惊人的快。 (瓶颈是数据库)
I do some stuff like that 50 times and my web server is still amazingly fast. (the bottleneck is the database)
希望这有助于
这篇关于Apache的RewriteMap指令用于prevent直接对文件的访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
