仅允许本地主机访问包含所有包含php文件的文件夹 [英] Allowing only localhost to access a folder where all inclusive php files exist

问题描述

我们都有类似"connect_db.php"之类的php文件，仅用于包含目的.

We all have php files like 'connect_db.php' for include purposes only.

假设我在"www/html/INC"中包含所有包含在内的.php文件

Suppose I have all those inclusive .php files in "www/html/INC"

我有index.php

And I have index.php

我希望每个人都可以从浏览器访问index.php，但是我想阻止用户直接访问"www/html/INC"文件夹. (例如，在浏览器"www.domain.com/INC/"中输入-> 404错误等)

I want index.php accessible from browser to everyone, but I want to prevent users' direct access to "www/html/INC" folder. (e.g. when type in the browser 'www.domain.com/INC/' -> 404 error etc)

我该如何实现?

最好在根目录中使用.htaccess文件.

Preferrably using .htaccess file in the root directory please.

推荐答案

我该如何实现?

How do I achieve this?

不要.根据我以前的答案，将connect_db.php放在/www/中而不是/www/html/INC/中更加安全.如果您打算这样做，则可以使用/www/html/.htaccess:

Don't. As per my previous answer, it's much more secure to put connect_db.php in /www/, not in /www/html/INC/. If you are going to do so, then you'd use /www/html/.htaccess:

<Directory "/www/html/INC">
   order allow,deny
   deny from all
</Directory>

这篇关于仅允许本地主机访问包含所有包含php文件的文件夹的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！