的.htaccess块PHP Referer的文件访问 [英] .htaccess Block PHP Referer File access
问题描述
我有我的服务器上的PHP文件,我不希望任何人没有正确的引用来访问它。
I have a PHP file on my server and I don't want anyone without the correct refer to access it.
这是我的工作是当前规则。
This is my current rule that is working.
RewriteCond %{REQUEST_URI} .streamer\.php*
RewriteCond %{HTTP_REFERER} !.*domain.com.*
RewriteRule .* - [F]
这是规则是不够友好的的mod_rewrite
?或是否需要清洁和整理了一下?它的功能,但我与的mod_rewrite
不是专家,我相信有可能是一个更好的code不是我的方法。
Is this rule is friendly enough for mod_rewrite
? Or does it need cleaning or tidying up a bit? It does function but I am no expert with mod_rewrite
and I am sure there may be a better code than my method.
推荐答案
您可以使用规则本身结合%{REQUEST_URI}
状态,并可以清理引用者正则表达式:
You can combine the %{REQUEST_URI}
condition with the rule itself, and you can clean up the referer regex:
RewriteCond %{HTTP_REFERER} !^https?://[^/]+\.domain\.com/? [NC]
RewriteRule .streamer\.php - [F]
请注意,这也将阻止空白查阅情况,如果你复制和粘贴的链接直接进入浏览器的URL地址栏等。如果你希望允许空白查阅情况,你需要添加一个额外的条件:
Note that this will also block blank referers, like if you copy and paste a link straight into the browser's URL address bar. If you want to allow blank referers, you'll need to add an extra condition:
RewriteCond %{HTTP_REFERER} ^$ [OR]
RewriteCond %{HTTP_REFERER} !^https?://[^/]+\.domain\.com/? [NC]
RewriteRule .streamer\.php - [F]
这篇关于的.htaccess块PHP Referer的文件访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!