的.htaccess块PHP Referer的文件访问 [英] .htaccess Block PHP Referer File access

问题描述

我有我的服务器上的PHP文件，我不希望任何人没有正确的引用来访问它。

I have a PHP file on my server and I don't want anyone without the correct refer to access it.

这是我的工作是当前规则。

This is my current rule that is working.

RewriteCond %{REQUEST_URI} .streamer\.php*
RewriteCond %{HTTP_REFERER} !.*domain.com.*
RewriteRule .* - [F]

这是规则是不够友好的的mod_rewrite ？或是否需要清洁和整理了一下？它的功能，但我与的mod_rewrite 不是专家，我相信有可能是一个更好的code不是我的方法。

Is this rule is friendly enough for mod_rewrite? Or does it need cleaning or tidying up a bit? It does function but I am no expert with mod_rewrite and I am sure there may be a better code than my method.

推荐答案

您可以使用规则本身结合％{REQUEST_URI} 状态，并可以清理引用者正则表达式：

You can combine the %{REQUEST_URI} condition with the rule itself, and you can clean up the referer regex:

RewriteCond %{HTTP_REFERER} !^https?://[^/]+\.domain\.com/? [NC]
RewriteRule .streamer\.php - [F]

请注意，这也将阻止空白查阅情况，如果你复制和粘贴的链接直接进入浏览器的URL地址栏等。如果你希望允许空白查阅情况，你需要添加一个额外的条件：

Note that this will also block blank referers, like if you copy and paste a link straight into the browser's URL address bar. If you want to allow blank referers, you'll need to add an extra condition:

RewriteCond %{HTTP_REFERER} ^$ [OR]
RewriteCond %{HTTP_REFERER} !^https?://[^/]+\.domain\.com/? [NC]
RewriteRule .streamer\.php - [F]

这篇关于的.htaccess块PHP Referer的文件访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！