htaccess禁止访问.php并仅允许使用RewriteRule [英] htaccess prevent access to .php and allow only with RewriteRule

问题描述

我有一个带有以下RewriteRules的文件.htaccess:

I have a file .htaccess with these RewriteRules:

RewriteEngine On
RewriteRule ^login$ login.php [L]
RewriteRule ^index$ index.php [L]
RewriteRule ^page/([^/]+)/?$ page.php?id=$1 [L,QSA]

可以阻止直接访问所有这些文件，但是仅允许使用RewriteRule

例如，如果有人致电:"domain.com/登录"，则会看到该页面.

For example if someone call: "domain.com/login" should see the page.

但是，如果有人致电"domain.com/ login.php "，则不应这样做(在这种情况下，应该会看到403或404错误)

But if someone call "domain.com/login.php" should not (in this case should see a 403 or 404 error)

推荐答案

您可以使用其他规则来阻止直接访问.php文件:

You can have an additional rule for blocking direct access to .php files:

RewriteEngine On

RewriteCond %{THE_REQUEST} /.+?\.php[\s?] [NC]
RewriteRule ^ - [F]

RewriteRule ^page/([^/]+)/?$ page.php?id=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{DOCUMENT_ROOT}/$1\.php -f [NC]
RewriteRule ^(.+?)/?$ /$1.php [L]

这篇关于htaccess禁止访问.php并仅允许使用RewriteRule的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！