如何限制/禁止访问特定的文件类型，如.js文件的CSS里面.htaccess文件？ [英] How to restrict/forbid access to specific file types such as .js .css inside a .htaccess file?

问题描述

如果远程用户知道该文件的确切位置，他仍然能够从浏览器访问该文件。一个人怎么能找到有关私人文件的位置？嗯，这其实并不重要太多，但他可能会看到的路径，或文件，在一个警告消息显示，或者文件可能浏览的（有没有隐藏的文件的目录索引）。因此，如果有，你要不能在任何情况下向远程用户提供特殊文件'，那么你将不得不拒绝与他们接触。但问题是怎么了？

If the remote user knows the exact location of the file, he will still be able to access the file from a browser. How can someone find out about the location of the private file? well this doesn’t really matter too much, but he might see paths, or files, shown in a warning messages, or the files might be browsable (there is no hiding of the files in the directory indexes). So if there are ‘special files’ that you want to not be served in any case to remote users then you will have to deny access to them. But the question is HOW?

在我在我的根目录文件夹中的.htaccess文件：

Inside my .htaccess file in my webroot folder:

<FilesMatch "\.(js|css)$">
Order deny,allow
Allow from all
</FilesMatch>

但是，这并不似乎工作.. :-(
我使用的Apache 2.2

But that doesn't seems to work.. :-(
I'm using Apache 2.2

推荐答案

您code相pretty的从code不同发现的此处。怎么样想：

Your code looks pretty different from the code found here. What about trying:

<Files ~ "(.js|.css)">
Order allow,deny
Deny from all
</Files>

这篇关于如何限制/禁止访问特定的文件类型，如.js文件的CSS里面.htaccess文件？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！