拒绝访问具有给定扩展名的所有文件,一个文件除外,我该怎么做?
Deny access all files with gived extension except for one, how i do?
我如何拒绝访问除位于根目录中的 load.php 之外的所有 php 文件?
我有:
RewriteCond %{HTTP_REFERER} !^http:// [NC]
RewriteCond %{HTTP_REFERER} !^http://*$ [NC]
RewriteCond %{REQUEST_FILENAME}.php !^/load.php$ [NC]
RewriteRule \.(php)$ - [F]
但是不行。我该如何解决?
谢谢
编辑:
我的完整 htaccess(用于重写规则):
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /
# Hidden .php extension
RewriteCond %{THE_REQUEST} \s/+(.+?)\.php[\s?] [NC]
RewriteRule ^ /%1 [R=301,NE,L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(.+?)/?$ .php [L]
# Hidden WWW from Url
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^(.*)$ http://%1/ [R=301,L]
# Deny Access to specific file (Without WWW)
RewriteCond %{HTTP_REFERER} !^http:// [NC]
RewriteCond %{HTTP_REFERER} !^http://*$ [NC]
RewriteCond %{REQUEST_URI} !^/loader\.php$ [NC]
RewriteRule \.(php)$ - [F]
# Redirect to https protocol if available
<IfModule mod_ssl.c>
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/ [R=301,L]
</IfModule>
</IfModule>
你可以试试这条规则:
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/load(?:\.php)?$ [NC]
RewriteRule \.php$ - [F,NC]
RewriteCond %{HTTP_HOST} ^www\. [NC,OR]
RewriteCond %{HTTPS} !on
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L,NE]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(.+?)/?$ .php [END]
我如何拒绝访问除位于根目录中的 load.php 之外的所有 php 文件?
我有:
RewriteCond %{HTTP_REFERER} !^http:// [NC]
RewriteCond %{HTTP_REFERER} !^http://*$ [NC]
RewriteCond %{REQUEST_FILENAME}.php !^/load.php$ [NC]
RewriteRule \.(php)$ - [F]
但是不行。我该如何解决? 谢谢
编辑:
我的完整 htaccess(用于重写规则):
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /
# Hidden .php extension
RewriteCond %{THE_REQUEST} \s/+(.+?)\.php[\s?] [NC]
RewriteRule ^ /%1 [R=301,NE,L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(.+?)/?$ .php [L]
# Hidden WWW from Url
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^(.*)$ http://%1/ [R=301,L]
# Deny Access to specific file (Without WWW)
RewriteCond %{HTTP_REFERER} !^http:// [NC]
RewriteCond %{HTTP_REFERER} !^http://*$ [NC]
RewriteCond %{REQUEST_URI} !^/loader\.php$ [NC]
RewriteRule \.(php)$ - [F]
# Redirect to https protocol if available
<IfModule mod_ssl.c>
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/ [R=301,L]
</IfModule>
</IfModule>
你可以试试这条规则:
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/load(?:\.php)?$ [NC]
RewriteRule \.php$ - [F,NC]
RewriteCond %{HTTP_HOST} ^www\. [NC,OR]
RewriteCond %{HTTPS} !on
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L,NE]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(.+?)/?$ .php [END]