使用.htaccess阻止根目录公开访问 [英] Use .htaccess to prevent root directory from public access
问题描述
我不知道这种事是否可行,但请尝试一下。过去(三年多以前),我在一个MVC教程中了解了这样的解决方案(不确切知道它是怎么回事)。
目录结构
- WebRoot /
- includes /
- config /
- public /
- images /
- js /
- css /
- index.php
- init.php
我想做的是
当用户访问 http://www.mysite.com/a/b/c/ ,将所有请求重定向到 /public/index.php 页面。即,对网站的所有请求都将通过 /public/index.php 页面,但 images / , js / 和 css / 目录,它们位于 public / 中。 / p>
此外, http://www.mysite.com/includes/ 将重定向到 index.php 页,并以 $ query 的形式获得 includes / 。
Index.php页面
<?php
//从webroot目录获取初始化文件,该文件将加载所有必需的php文件。
define('ROOT',dirname(dirname(__ FILE__)));
require_once(ROOT。 init.php);
//从网址获取查询(此处,$ query = a / b / c /)
if(isset($ _ GET ['q'])) {
$ query = $ _GET ['q'];
}
//插入图片,css等资源。
echo< img src ='http://www.mysite.com/images/foo.jpg' />;
echo< script src =’http://www.mysite.com/js/bar.js’>< / script>;
?>
这对使用网络托管的用户很有用,但不提供任何帮助目录访问webroot。
编辑
好的,我找到了该站点我得到这个概念的地方。请参阅在根目录和公用目录中使用的两个.htaccess文件。 链接到MVC教程
我假定.htaccess位于 WebRoot 中。
要重写所有请求,您只需使用 RewriteRule 。如果要排除某些路径,请使用一个或多个 RewriteCond
上的RewriteEngine RewriteCond%{REQUEST_URI}! / images /
RewriteCond%{REQUEST_URI}!/ css /
RewriteCond%{REQUEST_URI}!/ js /
RewriteCond%{REQUEST_URI}!/public/index\.php
RewriteRule。* public / index.php?q = $ 0 [L,QSA]
RewriteRule ^ images /.+ public / $ 0 [L]
RewriteRule ^ js /.+ public / $ 0 [L]
RewriteRule ^ css /.+ public / $ 0 [L]
The标志 QSA 将任何其他现有查询字符串作为参数附加到 index.php 。如果您不想追加任何现有查询字符串,则只需保留 QSA 标志即可。
如果要使重写对客户端可见,必须添加 R 标记到 RewriteRule ,即 [R,L,QSA] 或 [R,L] 。
I don't know such thing is possible or not practically, but let's give it a try. In past (more than three years ago), I came to know about solution like this (don't know exactly how it is), in one MVC tutorial.
Directory structure
- WebRoot/
- includes/
- config/
- public/
- images/
- js/
- css/
- index.php
- init.php
What I Want To Do Is
When user access http://www.mysite.com/a/b/c/, redirect all requests to /public/index.php page. i.e., all requests to website will go through /public/index.php page, except images/, js/ and css/ directories, which are in public/.
Also, http://www.mysite.com/includes/ will redirect to index.php page, and get includes/ as $query.
Index.php page
<?php
// get init file from webroot directory, which will load all required php files.
define ('ROOT', dirname(dirname(__FILE__)));
require_once (ROOT . 'init.php');
// get query from url (here, $query = "a/b/c/")
if(isset($_GET['q'])) {
$query = $_GET['q'];
}
// insert images, css etc. resource
echo "<img src='http://www.mysite.com/images/foo.jpg' />";
echo "<script src='http://www.mysite.com/js/bar.js'></script>";
?>
This will be useful for them who are using web-hosting, which doesn't provide one step up directory access to webroot.
EDIT
OK, I found the site from where I got this concept. See two .htaccess files used in root directory and public directory. Link to MVC tutorial
I assume the .htaccess is in WebRoot.
To rewrite all requests, you just use RewriteRule. When you want to exclude some paths, you use one or more RewriteCond
RewriteEngine on
RewriteCond %{REQUEST_URI} !/images/
RewriteCond %{REQUEST_URI} !/css/
RewriteCond %{REQUEST_URI} !/js/
RewriteCond %{REQUEST_URI} !/public/index\.php
RewriteRule .* public/index.php?q=$0 [L,QSA]
RewriteRule ^images/.+ public/$0 [L]
RewriteRule ^js/.+ public/$0 [L]
RewriteRule ^css/.+ public/$0 [L]
The flag QSA appends any other existing query string as arguments to index.php. If you don't want to append any existing query string, just leave the QSA flag out.
If you want the rewrite to be visible to the client, you must add the R flag to the RewriteRule, i.e. [R,L,QSA] or [R,L].
这篇关于使用.htaccess阻止根目录公开访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
