使用.htaccess阻止根目录公开访问 [英] Use .htaccess to prevent root directory from public access
问题描述
我不知道这种事是否可行,但请尝试一下。过去(三年多以前),我在一个MVC教程中了解了这样的解决方案(不确切知道它是怎么回事)。
目录结构
- WebRoot /
- includes /
- config /
- public /
- images /
- js /
- css /
- index.php
- init.php
我想做的是
当用户访问 http://www.mysite.com/a/b/c/
,将所有请求重定向到 /public/index.php
页面。即,对网站的所有请求都将通过 /public/index.php
页面,但 images /
, js /
和 css /
目录,它们位于 public /
中。 / p>
此外, http://www.mysite.com/includes/
将重定向到 index.php
页,并以 $ query
的形式获得 includes /
。
Index.php页面
<?php
//从webroot目录获取初始化文件,该文件将加载所有必需的php文件。
define('ROOT',dirname(dirname(__ FILE__)));
require_once(ROOT。 init.php);
//从网址获取查询(此处,$ query = a / b / c /)
if(isset($ _ GET ['q'])) {
$ query = $ _GET ['q'];
}
//插入图片,css等资源。
echo< img src ='http://www.mysite.com/images/foo.jpg' />;
echo< script src =’http://www.mysite.com/js/bar.js’>< / script>;
?>
这对使用网络托管的用户很有用,但不提供任何帮助目录访问webroot。
编辑
好的,我找到了该站点我得到这个概念的地方。请参阅在根目录和公用目录中使用的两个.htaccess文件。 链接到MVC教程
我假定.htaccess位于 WebRoot
中。
要重写所有请求,您只需使用 RewriteRule
。如果要排除某些路径,请使用一个或多个 RewriteCond
上的RewriteEngine RewriteCond%{REQUEST_URI}! / images /
RewriteCond%{REQUEST_URI}!/ css /
RewriteCond%{REQUEST_URI}!/ js /
RewriteCond%{REQUEST_URI}!/public/index\.php
RewriteRule。* public / index.php?q = $ 0 [L,QSA]
RewriteRule ^ images /.+ public / $ 0 [L]
RewriteRule ^ js /.+ public / $ 0 [L]
RewriteRule ^ css /.+ public / $ 0 [L]
The标志 QSA
将任何其他现有查询字符串作为参数附加到 index.php
。如果您不想追加任何现有查询字符串,则只需保留 QSA
标志即可。
如果要使重写对客户端可见,必须添加 R
标记到 RewriteRule
,即 [R,L,QSA]
或 [R,L]
。
I don't know such thing is possible or not practically, but let's give it a try. In past (more than three years ago), I came to know about solution like this (don't know exactly how it is), in one MVC tutorial.
Directory structure
- WebRoot/
- includes/
- config/
- public/
- images/
- js/
- css/
- index.php
- init.php
What I Want To Do Is
When user access http://www.mysite.com/a/b/c/
, redirect all requests to /public/index.php
page. i.e., all requests to website will go through /public/index.php
page, except images/
, js/
and css/
directories, which are in public/
.
Also, http://www.mysite.com/includes/
will redirect to index.php
page, and get includes/
as $query
.
Index.php page
<?php
// get init file from webroot directory, which will load all required php files.
define ('ROOT', dirname(dirname(__FILE__)));
require_once (ROOT . 'init.php');
// get query from url (here, $query = "a/b/c/")
if(isset($_GET['q'])) {
$query = $_GET['q'];
}
// insert images, css etc. resource
echo "<img src='http://www.mysite.com/images/foo.jpg' />";
echo "<script src='http://www.mysite.com/js/bar.js'></script>";
?>
This will be useful for them who are using web-hosting, which doesn't provide one step up directory access to webroot.
EDIT
OK, I found the site from where I got this concept. See two .htaccess files used in root directory and public directory. Link to MVC tutorial
I assume the .htaccess is in WebRoot
.
To rewrite all requests, you just use RewriteRule
. When you want to exclude some paths, you use one or more RewriteCond
RewriteEngine on
RewriteCond %{REQUEST_URI} !/images/
RewriteCond %{REQUEST_URI} !/css/
RewriteCond %{REQUEST_URI} !/js/
RewriteCond %{REQUEST_URI} !/public/index\.php
RewriteRule .* public/index.php?q=$0 [L,QSA]
RewriteRule ^images/.+ public/$0 [L]
RewriteRule ^js/.+ public/$0 [L]
RewriteRule ^css/.+ public/$0 [L]
The flag QSA
appends any other existing query string as arguments to index.php
. If you don't want to append any existing query string, just leave the QSA
flag out.
If you want the rewrite to be visible to the client, you must add the R
flag to the RewriteRule
, i.e. [R,L,QSA]
or [R,L]
.
这篇关于使用.htaccess阻止根目录公开访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!