htaccess阻止直接访问文件，同时允许重写规则访问文件 [英] htaccess prevent direct access to files while allowing rewrite rules to access them

问题描述

我一直在使用一系列有效的设置来创建这个非常不错的.htaccess文件.我想知道现在是否有可能仅在拒绝直接访问相同文件的同时允许通过平面链接访问文件.

I've been creating this really nice .htaccess file with a bunch of settings that work great so far. I am wondering if it is possible, now, to allow access to files through flat links only while denying access to the same files directly.

要更好地提出这个问题，请考虑以下内容:
我有一个文件:即myFile.php
在子文件夹中:即my/path/to/file/
该文件的完整路径应为my/path/to/file/myFile.php
通过URL访问该文件，将写为:my.domain.com/my/path/to/file/myFile.php

To better present this question consider the following:
I have a file: i.e. myFile.php
Which is in a subfolder: i.e. my/path/to/file/
The file's full path would then be my/path/to/file/myFile.php
Accessing this file through a URL, one would write: my.domain.com/my/path/to/file/myFile.php

在我的.htaccess文件中，我编写了一个重写规则，类似于以下代码行(在某些RewriteCond之前，以确保分别满足有关主机和文件名的条件):

In my .htaccess file, I have written a rewrite rule, similar to the following line of code (preceded by some RewriteCond's that ensure conditions are met regarding the host and filenames respectively):

RewriteRule ^home$ \/my\/path\/to\/file\/myFile.php [NC,L]

这意味着试图进入我的页面my/path/to/file/myFile.php的某人可以简单地编写my.domain.com/home而不是难看的路径my.domain.com/my/path/to/file/myFile.php.

This means that someone trying to get to my page my/path/to/file/myFile.php can simply write my.domain.com/home instead of the ugly path my.domain.com/my/path/to/file/myFile.php.

我要问的是:
如果某人或机器尝试访问my.domain.com/my/path/to/file/myFile.php，同时允许通过my.domain.com/home访问文件，是否可以阻止对myFile.php的访问?

What I am asking is:
Is it possible to block access to myFile.php if a person or machine attempts to go to my.domain.com/my/path/to/file/myFile.php, all the while allowing access to the file through my.domain.com/home?

对此有任何帮助，我们将不胜感激

Any help regarding this is greatly appreciated

推荐答案

如果某人或机器尝试访问my.domain.com/my/path/to/file/myFile.php，是否有可能阻止对myFile.php的访问，同时始终允许通过my.domain.com/home

Is it possible to block access to myFile.php if a person or machine attempts to go to my.domain.com/my/path/to/file/myFile.php, all the while allowing access to the file through my.domain.com/home

是的，可以使用THE_REQUEST变量，它表示Apache从您的浏览器收到的原始请求，并且在执行某些重写规则后不会被覆盖.

Yes it is possible using THE_REQUEST variable, represents original request received by Apache from your browser and it doesn't get overwritten after execution of some rewrite rules.

您可以使用此规则来阻止直接访问该特定文件:

You can use this rule to block direct access to that particular file:

RewriteCond %{THE_REQUEST} /my/path/to/file/myFile\.php[?/\s] [NC]
RewriteRule ^ - [F]

这篇关于htaccess阻止直接访问文件，同时允许重写规则访问文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！