如何拒绝一个文件夹使用htaccess的直接访问 [英] How to deny direct access to a folder using htaccess
问题描述
我的网站是所有关于图像。所以我想找到一种方法,prevent直接访问图像文件夹使用(我猜)的.htaccess。
从我读过的一种方法是将图像文件夹出网页根,然后用下面的code添加一个.htaccess文件:
所有否认
因此,这里是我的问题:
-
我会不会有什么问题,如果我不将文件夹移动网站根目录之外?因为我将不得不做出很多的所有页面中更改code的。什么是背后的网络的根目录之外移动图像文件夹的逻辑是什么?
-
是否有任何其他安全的方式来做到这一点?我担心如果添加的.htaccess,将拒绝访问所有的图像,然后我将不能够分享我的网页,并在其中使用的图像。
更新:
怎么样,如果我用下面的code,将$我的图片的对$ pvent盗链但它允许特定的网站。
RewriteEngine叙述上
的RewriteCond%{HTTP_REFERER}!^ $
的RewriteCond%{HTTP_REFERER} ^ HTTP(S):!?//(WWW \\)yourdomain.com [NC]
的RewriteCond%{HTTP_REFERER} ^ HTTP(S):!?//(WWW \\)yordomain2.com [NC]
的RewriteCond%{HTTP_REFERER} ^ HTTP(S):!?//(WWW \\)yordomain3.com [NC]
重写规则\\(JPG格式| JPEG | PNG | GIF)$的http://网页到重定向[NC,R,L]
我使用了同样的问题:
选项-Indexes
RewriteEngine叙述在
#只从本网站
的RewriteCond%{HTTP_REFERER}!^ $
的RewriteCond%{HTTP_REFERER} ^ HTTPS:!?//(WWW \\)YOURDOMAIN \\ .COM [NC]
重写规则\\(JPE G | GIF | PNG | BMP?)$ - [NC,F]。#为prevent访问爬虫
的RewriteCond%{HTTP_USER_AGENT}(?:谷歌| tineye)[NC]
重写规则\\(JPE G | GIF | BMP | PNG?)$ - [NC,F]。
这并不阻止访问的图像,但访问其他网站的页面。
My website is all about images. So I want to find a way to prevent direct access to images folder using (I guess) .htaccess. From what I've read one way is to move the images folder out of the web-root and then add an .htaccess file with the following code:
deny from all
So here are my questions:
Will I have any problems if I don't move the folder outside the web-root? Because I will have to make a lot of changes to the code in all pages. What's the logic behind moving the images folder outside the web-root?
Is there any other safe way to do this? I am worrying that If add .htaccess that will deny access to all images then I won't be able to share my pages and use the images in them.
UPDATE:
What about if I use the following code that will prevent hotlinking of my images but will allow it to specific websites.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yordomain2.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yordomain3.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ http://page-to-redirect [NC,R,L]
I use that for the same problem:
Options -Indexes
RewriteEngine On
# Only from this website
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?yourdomain\.com [NC]
RewriteRule \.(jpe?g|gif|png|bmp)$ - [NC,F]
# To prevent access to crawlers
RewriteCond %{HTTP_USER_AGENT} (?:google|tineye) [NC]
RewriteRule \.(jpe?g|gif|bmp|png)$ - [NC,F]
It does not really blocks access to images, but access from other websites pages.
这篇关于如何拒绝一个文件夹使用htaccess的直接访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!