htaccess禁止访问.php并仅允许使用RewriteRule
问题描述:
我有一个带有以下RewriteRules的文件.htaccess:
I have a file .htaccess with these RewriteRules:
RewriteEngine On
RewriteRule ^login$ login.php [L]
RewriteRule ^index$ index.php [L]
RewriteRule ^page/([^/]+)/?$ page.php?id=$1 [L,QSA]
可以阻止直接访问所有这些文件,但是仅允许使用RewriteRule
例如,如果有人致电:"domain.com/登录",则会看到该页面.
For example if someone call: "domain.com/login" should see the page.
但是,如果有人致电"domain.com/ login.php ",则不应这样做(在这种情况下,应该会看到403或404错误)
But if someone call "domain.com/login.php" should not (in this case should see a 403 or 404 error)
答
您可以使用其他规则来阻止直接访问.php文件:
You can have an additional rule for blocking direct access to .php files:
RewriteEngine On
RewriteCond %{THE_REQUEST} /.+?\.php[\s?] [NC]
RewriteRule ^ - [F]
RewriteRule ^page/([^/]+)/?$ page.php?id=$1 [L,QSA]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{DOCUMENT_ROOT}/$1\.php -f [NC]
RewriteRule ^(.+?)/?$ /$1.php [L]