阻止外部访问的目录,但允许SSI访问(或者,如何在`FilesMatch`指导实际工作?) [英] Blocking external access to directory but allowing SSI access (or, How does the `FilesMatch` directive actually work?)
问题描述
在一个古老的网站,在这里我使用的是PHP,我在目录中有一个的.htaccess / noaccess下作为如下:
On an old site, where i was using PHP, I had a .htaccess in directory /noaccess as follows:
# /noaccess/.htaccess
<FilesMatch "^.*$">
order allow,deny
deny from all
</FilesMatch>
和我有一个PHP文件一样,
And I had a PHP file like,
<html>
<body>
<?php include('noaccess/blah.ssi'); ?>
</body>
</html>
这工作正常,内容 blah.ssi 是可见的。
This works fine and the contents of blah.ssi is visible.
不过,在我目前的网站我使用SSI和以下内容:
However, on my current site I'm using SSI and the following:
<html>
<body>
<!--#include virtual="noaccess/blah.ssi" -->
</body>
</html>
不起作用。该日志显示不能包括noaccess下/ blah.ssi。删除 FilesMatch 指令和它的作品。所以我显然误解了如何指挥的作品,我不知道它会阻止Apache的本身。那么,如何可以阻止网页访问,但允许SSI访问? (我想我可以(也应该)存放我不希望外界的public_html 的访问,但是似乎并没有工作,无论是在SSI包含的东西 - 但无论如何,即使做到了,我想知道如何做到这一点)。
does not work. The logs show unable to include "noaccess/blah.ssi". Remove the FilesMatch directive and it works. So I'm obviously misunderstanding how that command works, I didn't realise it would block Apache itself. So how can I block access from the web but allow SSI access? (I thought I could (and should) store the stuff I don't want accessed outside of public_html but that doesn't seem to work either in the SSI include - but anyway, even if it did, I'm interested to know how to do this).
谢谢你,T。
推荐答案
如果你只是想不让别人看到你的文件,如果他们在地址栏输入它,那么你可以没有索引把它们放在一个目录( -Indexes )和未发表的名称,如果你从来没有透露文件(SSI不做)的名字,那么你只需要,如果有人猜对一个担忧。您可以根据引荐,或类似的东西不允许始终阻止访问。
if you only wanted to not allow people to see your files if they enter it in an address bar, then you could put them in a directory with no indexes (-Indexes) and an unpublished name and if you never reveal the names of the files (which SSI does not do), then you only need worry if someone guesses one correctly. You can always block access by disallowing according to referrer, or something similar.
这篇关于阻止外部访问的目录,但允许SSI访问(或者,如何在`FilesMatch`指导实际工作?)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
