php .htaccess 拒绝访问特定文件?超过一个
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2182936/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
.htaccess deny access to specific files? more than one
提问by oni-kun
I am able to disable access to a file with .htaccess, but I don't know how to disallow multiple files to be viewed (directly, not from includes)
我可以使用 .htaccess 禁用对文件的访问,但我不知道如何禁止查看多个文件(直接,而不是从包含中)
They are .php so I can't disable a file type (like the only tutorials online say..)
它们是 .php 所以我不能禁用文件类型(就像网上唯一的教程说..)
<FILES ... ?
</FILES>
Or something.. For example "home.php, file.php , test.php" how do I disallow access to all three files with that tag? or similar, help please!
或其他东西.. 例如“home.php、file.php、test.php”如何禁止访问带有该标签的所有三个文件?或类似的,请帮助!
回答by Residuum
If you want to exclude files based on regular expressions, you could use FilesMatch instead of Files, e.g.:
如果要根据正则表达式排除文件,可以使用 FilesMatch 而不是 Files,例如:
<FilesMatch ^((home|test|file)\.php$|mysecretfolder|asecretpicture\.jpe?g)$>
...
</FilesMatch>
回答by Select0r
Looks like you have to exclude those files one by one:
看起来您必须一一排除这些文件:
<files home.php>
Deny/Allow/Whatever
</files>
<files file.php>
...
You can use *.gifin <files>or something*, but as home.php, file.php and test.php can't really be grouped with a "*", this is probably the only way to go.
您可以使用*.gifin<files>或something*,但由于 home.php、file.php 和 test.php 不能真正用“*”分组,这可能是唯一的方法。
回答by RafaSashi
since apache 2.4
自 Apache 2.4
<FilesMatch "\.htaccess|config\.php">
Require all denied
</FilesMatch>
instead of
代替
<FilesMatch "\.htaccess|config\.php">
Order allow,deny
Deny from all
</FilesMatch>
