php .htaccess。拒绝 root,允许特定的子文件夹。可能的?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7649794/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
.htaccess. deny root, allow specific subfolder. Possible?
提问by V-Light
How can I deny access to http://sub.mydomain.com/, but allow for (completely) http://sub.mydomain.com/test(or http://sub.mydomain.com/test/)
我如何拒绝访问http://sub.mydomain.com/,但允许(完全)http://sub.mydomain.com/test(或http://sub.mydomain.com/test/)
There is a magento back-end behind http://sub.mydomain.com/test/
http://sub.mydomain.com/test/后面有一个 magento 后端
回答by nachito
.htaccess directives apply to that directory, and all subdirectories thereof, so you should disallow access in your DocumentRoot,
.htaccess 指令适用于该目录及其所有子目录,因此您应该禁止访问 DocumentRoot,
http://sub.mydomain.com/.htaccess:
http://sub.mydomain.com/.htaccess:
Order deny,allow
Deny from all
And override that in any specific subdirectories you would like to allow access to,
并在您希望允许访问的任何特定子目录中覆盖它,
http://sub.mydomain.com/test/.htaccess:
http://sub.mydomain.com/test/.htaccess:
Order allow,deny
Allow from all
回答by SW4
How about a .htaccessat the root directory, with the following lines?
根目录下的.htaccess怎么样,有以下几行?
RewriteEngine On
# check if request is for subdomain
RewriteCond %{HTTP_HOST} ^sub.mydomain.com$ [NC]
# check if 'test' isnt part of request
RewriteCond %{REQUEST_URI} !^/test/?(.*)$ [NC]
# if subdomain and no 'test' part, redirect to main domain...
RewriteRule ^(.*)$ http://www.mydomain.com/ [R,L]
So if the '/test/' section is present, no redirect takes place...
因此,如果存在 '/test/' 部分,则不会发生重定向...
回答by radeklos
Try create .htaccess file in sub.mydomain.com for deny, and in sub.mydomain.com/test for allow.
尝试在 sub.mydomain.com 中创建 .htaccess 文件作为拒绝,并在 sub.mydomain.com/test 中创建允许。
Or you can redirect from http://sub.mydomain.com/to deny subdir.
或者您可以从http://sub.mydomain.com/重定向以拒绝 subdir。
回答by David SN
I know this is a very old thread, but I've been struceling with exactly this scenario for several days and finally got it to work, thus I thought I'd share my solution for further reference.
我知道这是一个非常古老的线程,但我一直在为这个场景苦苦挣扎好几天,终于让它工作了,因此我想我会分享我的解决方案以供进一步参考。
As of Apache version 2.4 (I guess), it's possible to use directive <RequireAll>and <RequireAny>.
This can be used to allow access to specific subfolders.
从 Apache 2.4 版开始(我猜),可以使用指令<RequireAll>和<RequireAny>. 这可用于允许访问特定的子文件夹。
My solution for .htaccess (inspired from this site: https://www.the-art-of-web.com/system/apache-authorization/):
我的 .htaccess 解决方案(灵感来自本网站:https: //www.the-art-of-web.com/system/apache-authorization/):
SetEnvIf REQUEST_URI "^/test/.*" PUBLICACCESS
# Use for multiple subfolders:
# SetEnvIf REQUEST_URI "^/(?:test|test2|test3|test4)/.*" PUBLICACCESS
<RequireAny>
<RequireAll>
# Public access
Require env PUBLICACCESS
Require all granted
</RequireAll>
<RequireAll>
# Require user and password
AuthType Basic
AuthName "Secured"
AuthUserFile /var/www/example.com/.htpasswd
Require valid-user
</RequireAll>
</RequireAny>
