拒绝通过 htaccess 直接访问文件夹和文件 [英] deny direct access to a folder and file by htaccess

问题描述

场景如下:

• 根文件夹中有一个index.php文件
• 一些文件包含在 index.php 中，它们位于 includes 文件夹中.
• 1 个其他文件 (submit.php) 位于表单提交操作的根文件夹中.

• There is a index.php file in root folder
• some files are included in index.php which are in the includes folder.
• 1 other file (submit.php) is in the root folder for form submit action.

我想通过 htaccess 限制用户直接访问 includes 文件夹中的文件.也适用于 submit.php.但包含将适用于 index.php 文件.比如，如果用户输入www.domain.com/includes/somepage.php，它会限制它(可能会重定向到错误页面).

I want to restrict direct user access to the files in includes folder by htaccess. also for submit.php. But include will work for index.php file. Like, if user types www.domain.com/includes/somepage.php, it will restrict it (may be redirect to a error page).

推荐答案

我只想将 includes 文件夹移出 web 根目录，但如果你想阻止直接访问整个 includes 文件夹，您可以在该文件夹中放置一个 .htaccess 文件，其中仅包含:

I would just move the includes folder out of the web-root, but if you want to block direct access to the whole includes folder, you can put a .htaccess file in that folder that contains just:

deny from all

这样你就不能打开那个文件夹中的任何文件，但是你可以将它们包含在 php 中而没有任何问题.

That way you cannot open any file from that folder, but you can include them in php without any problems.

这篇关于拒绝通过 htaccess 直接访问文件夹和文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！