如何在codeigniter中保护ASSETS FOLDER
I just wanna protect my assets folder in client side. All of my files can access public. I wanna protect it. I have rules .htaccess like below, any wrong rules there?
RewriteEngine on
RewriteCond $1 !^(index\.php|assets|robots\.txt)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L,QSA]
我只是想在客户端保护我的资产文件夹。 我的所有文件都可以访问公共。 我想保护它。 我有规则 .htaccess code>,如下所示,那里有任何错误的规则吗? p>
RewriteEngine on
RewriteCond $ 1!^(index \ .php | assets | robots \ .txt)
RewriteCond%{REQUEST_FILENAME}!-f
RewriteCond%{REQUEST_FILENAME}!-d
RewriteRule ^(。*)$ index.php?/ $ 1 [L,QSA]
code> pre >
div>
You can do two things
- via
.htaccess(Not Tested) - via
index.html
1. .htaccess
add .htaccess inside the assets folder
<IfModule authz_core_module>
Require all denied
</IfModule>
<IfModule !authz_core_module>
Deny from all
</IfModule>
2. index.html
Create index.html file inside the directory and add this
<!DOCTYPE html>
<html>
<head>
<title>403 Forbidden</title>
</head>
<body>
<p>Directory access is forbidden.</p>
</body>
</html>
Output
When some one access outside you get this on browser
Directory access is forbidden.
Create a helper to access these 'assets'. And allow requests to these files only from your server. That's one way to solve this.
You can protect your assets or files folder similarly as CI protects its application file.
Simply copy .htaccess file and index.html file from application and paste it to your assets file.