拒绝访问目录中的.htaccess [英] Deny access to directory with .htaccess
问题描述
我想通过.htaccess文件这样的保护目录,并在它的PHP文件,直接从网络访问:
I want to protect a directory and the php files in it, from direct web access through an .htaccess file like this:
IndexIgnore *
<Files ~ "\.(php)$">
order allow,deny
deny from all
</Files>
但我希望能够给Ajax请求的一个JavaScript文件发送给那些PHP文件的获取结果。这可能吗?
but I want to be able to send ajax requests from a javascript file to those php files an get a result. Is this possible?
推荐答案
您可以只允许后请求。从错误code中的浏览器访问结果页面,而是来自阿贾克斯的作品发布。请参见这里。
You can only allow POST-requests. Accessing the page from the browser results in an error code, but posting from ajax works. See here.
注:此资格作为安全通过模糊。如果有人看你的JavaScript,他们将了解如何让页面的结果。
Note: this qualifies as security through obscurity. If someone looks at your javascript, they'll find out how to get the page results.
这篇关于拒绝访问目录中的.htaccess的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!