仅允许本地主机访问包含所有包含php文件的文件夹 [英] Allowing only localhost to access a folder where all inclusive php files exist
问题描述
我们都有类似"connect_db.php"之类的php文件,仅用于包含目的.
We all have php files like 'connect_db.php' for include purposes only.
假设我在"www/html/INC"中包含所有包含在内的.php文件
Suppose I have all those inclusive .php files in "www/html/INC"
我有index.php
And I have index.php
我希望每个人都可以从浏览器访问index.php,但是我想阻止用户直接访问"www/html/INC"文件夹. (例如,在浏览器"www.domain.com/INC/"中输入-> 404错误等)
I want index.php accessible from browser to everyone, but I want to prevent users' direct access to "www/html/INC" folder. (e.g. when type in the browser 'www.domain.com/INC/' -> 404 error etc)
我该如何实现?
最好在根目录中使用.htaccess文件.
Preferrably using .htaccess file in the root directory please.
推荐答案
我该如何实现?
How do I achieve this?
不要.根据我以前的答案,将connect_db.php放在/www/中而不是/www/html/INC/中更加安全.如果您打算这样做,则可以使用/www/html/.htaccess:
Don't. As per my previous answer, it's much more secure to put connect_db.php in /www/, not in /www/html/INC/. If you are going to do so, then you'd use /www/html/.htaccess:
<Directory "/www/html/INC">
order allow,deny
deny from all
</Directory>
这篇关于仅允许本地主机访问包含所有包含php文件的文件夹的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!