Godaddy上的CodeIgniter安装具有最佳安全性

On godaddy hosting public_html is given as a web root. I'm trying to install CodeIgniter on it so I'd like the whole framework to be outside of webroot (for security reasons). For this specific purpose, in the public_html directory I've created .htaccess with the following code:

RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www.)?example.com$ [NC]
RewriteCond %{REQUEST_URI} !^/sub_webroot/
RewriteRule ^(.*)$ ./sub_webroot/index.php?$1 [L]

Directory/file structure looks like this:

public_html
    .htaccess
    CodeIgniter (whole framework files except index.php)
    sub_webroot
        index.php (CI index.php)
        assets
             sample.png

The framework is loaded successfully and index.php is removed as well. The problem which I am facing is that I can't open sample.png via example.com/assets/sample.png and it is obvious it is happening because of the line RewriteRule ^(.*)$ ./sub_webroot/index.php?$1 [L]. I can't made up my mind how it would be possible to access the assets directory and keep the framework working successfully as it is working now. Any ideas how to change .htaccess that meets my needs ?

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

duanpei8518 2015-07-07 08:11

关注

This is how we solved this problem: adding a condition to ignore the rewrite if requesting from the assets folder. You can add/remove options to ignore as required - really you only need the assets option in your case.

#Checks to see if the user is attempting to access a valid file,
#such as an image or css document
RewriteCond $1 !^(index\.php|assets|css|png|jpg|gif|robots\.txt|favicon\.ico)

Place this before your RewriteRule.

There's a pretty comprehensive Codeigniter .htaccess for troublesome hosts at: http://www.chrishjorth.com/blog/one-com-codeigniter-htaccess-rewrite-rules/, that's nicely commented:

# @author: Chris Hjorth, www.chrishjorth.com
# Make index.php the directory index page
DirectoryIndex index.php
#Protect the .htaccess files
<Files .htaccess>
    order allow,deny
    deny from all
</Files>
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /subfolder/
    # START CodeIgniter ------------------------------------------------------------------------------------------------------------
    # based on http://www.danielwmoore.com/extras/index.php?topic=7691.0 and http://ellislab.com/forums/viewthread/132758/
    # Redirect default controller to "/".
    # This is to prevent duplicated content. (/welcome/index =&gt; /)
    RewriteRule ^(welcome(/index)?)/?$ /subfolder/ [L,R=301]
    # Remove /index/ segment on the URL, again to prevent duplicate content.
    RewriteRule ^(.*)/index/? $1 [L,R=301]
    # Remove trailing slashes, also to remove duplicate content
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    # Remove multiple slashes in between, just to remove the possibility of fabricating crazy links.
    RewriteCond %{REQUEST_URI} ^(.*)//(.*)$
    RewriteRule . %1/%2 [R=301,L]
    # Ignore certain files and folders in this rewrite
    RewriteCond $1 !^(index\.php|assets|frameworks|uploads|robots\.txt|favicon\.ico)
    # [NC] = no case - case insensitive
    # [L] = Last rule, last rewrite for this set of conditions
    # [QSA] = Query String Append, should be used to prevent all redirects from going to your default controller, which happens on 
    # some server configurations.
    RewriteRule ^(.*)$ /subfolder/index.php?$1 [NC,L,QSA]
    # END CodeIgniter --------------------------------------------------------------------------------------------------------------
</IfModule>
# If Mod_rewrite is NOT installed go to index.php
<IfModule !mod_rewrite.c>
    ErrorDocument 404 /index.php
</IfModule>

本回答被题主选为最佳回答 , 对您是否有帮助呢?

报告相同问题？

关注问题

Godaddy上的CodeIgniter安装具有最佳安全性 apache php
2014-05-07 19:48

回答 1 已采纳 This is how we solved this problem: adding a condition to ignore the rewrite if requesting from th
在godaddy中的Codeigniter .htaccess php
2014-10-26 12:17

回答 4 已采纳 Have your /myfolder/myapp/.htaccess like this: <IfModule mod_rewrite.c> RewriteEngine
使用php Codeigniter的mysql转储，与godaddy的服务器问题 mysql php
2016-12-30 04:45

回答 1 已采纳 You tagged to question with codeigniter. Once I done this. I am sharing the code with you, lets ho
godaddy php mail,在GoDaddy托管上使用phpmailer发送电子邮件
2021-04-15 14:46

东辑事厂的博客我需要在GoDaddy上配置一些东西吗？我的想法是我有一个客户,他们有一个Gmail帐户.该网站有一个表单,客户需要将所有提交的联系信息接收到他们的Gmail帐户.我不知道该怎么做,已经尝试了三天没有成功.这是我用来将电子...
在Godaddy找不到CodeIgniter 404页面 php
2015-12-26 15:05

回答 1 已采纳 Change your all file names caps and controller name as simple Ex : Home.php and inside controller
如何从GoDaddy子文件夹中的CodeIgniter站点中删除index.php？ php
2015-02-26 05:45

回答 2 已采纳 So, finally this is what worked for me, hope it helps somebody. The .htaccess file: RewriteEngin
在Godaddy Wordpress Hosting上隐藏PHP错误 php
2016-11-09 09:42

回答 1 已采纳 To hide PHP errors on any WordPress portal, It doesn't matter where it hosted Please do the follow
godaddy-api:自动生成的Godaddy API https的节点客户端
2021-05-17 21:45

GoDaddy API 自动生成的 Javascript包装器安装 npm install godaddy-api 从创建生产GoDaddy API密钥和机密用法 const GoDaddy = require('godaddy-api'); godaddy = GoDaddy(, ); 获取订单清单 godaddy.orders...
无法导航到CodeIgniter站点 php
2018-07-05 14:06

回答 1 已采纳 oh darn thing, you were right @sintakonte, one site was pointing somewhere else. Go daddy had a A
PHP重定向或cookie，不是在Godaddy上工作，而是在localhost上工作 php
2014-11-04 18:52

回答 1 已采纳 It's easy. Unset the cookie. if (!isset($_COOKIE['Username'])){ require ('LoginFunctions.inc.
通过PHP从GoDaddy连接到远程AWS MySQL mysql php
2014-11-12 23:08

回答 1 已采纳 Based on the the information in the question and the comments, it is clear that GoDaddy's network
godaddy php mail,Php Mailer错误 - Godaddy Smtp
2021-04-15 14:45

茶水不太凉的博客我在godaddy上托管了电子邮件 .所以我想用phpmailer发送电子邮件 . 下面是我正在测试的脚本，但它一直给我这个错误 -//SMTP needs accurate times, and the PHP time zone MUST be set//This should be done in y.....
301重定向不适用于GoDaddy服务器 php
2019-08-07 15:04

回答 1 已采纳 RewriteRule hu/3d-latvanytervezes-tanfolyamok/3d-lakberendezo-tanfolyam.html$ /3d-latvanytervezes/
Godaddy主机快速安装Zen Cart程序建立网站教程.docx
2021-09-26 23:08

Godaddy主机快速安装Zen Cart程序建立网站教程.docx
GoDaddy SSL证书制作和安装
2020-07-03 23:58

听鬼讲故事的博客简介 SSL证书是数字证书的一种类似于驾驶证...与阿里云的SSL证书不同，GoDaddy作为一个专门的域名和SSL证书服务的提供商，其为保证SSL证书的安全性，整个证书的操作过程都需要自己来做，本篇文章就主要介绍在GoDaddy
godaddy-dyndns:使用具有动态IP地址的GoDaddy子域
2021-05-18 16:19

Godaddy-dyndns 使用具有动态IP地址的GoDaddy子域
godaddy php mail,如何使用godaddy web主机上的phpmailer通过365发送电子邮件
2021-04-15 14:46

weixin_39614561的博客我要用phpmailer lib通过365发送电子邮件。这是我的配置MAIL_DRIVER=smtpMAIL_HOST=smtp.office365.comMAIL_PORT=587MAIL_USERNAME=support@xxxxx.comMAIL_PASSWORD=XXXXXXMAIL_ENCRYPTION=STARTTLS以下代码是发送...
Godaddy购买域名流程.doc
2021-08-20 00:13

Godaddy购买域名流程.doc
php godaddy,godaddy php 跳转不了怎么办
2021-04-23 06:10

管财牛的博客第一步：登录Godaddy帐户，找到左上角的“Log In To My Account”。第二步：登录成功之后，在上图红圈的位置就会变成“My Account”，点击此链接，进入帐户管理。第三步：请看下图，点击第一项“Domains”域名，就...
godaddy php mail,PHPMailer GoDaddy服务器SMTP连接被拒绝
2021-04-15 14:46

MegaQubit的博客我打电话给他们的技术支持，与我交谈的人建议我的问题与我在Windows机器上，最好在Linux机器上使用有关。我对此没有意见，我同意了，他们把我换了。过渡之后，我的PHPMailer功能让我迷茫了。我已经工作了几个月，...
没有解决我的问题, 去提问

悬赏问题

¥15 什么设备可以研究OFDM的60GHz毫米波信道模型
¥15 不知道是该怎么引用多个函数片段
¥15 爬取1-112页所有帖子的标题但是12页后要登录后才能我使用selenium模拟登录账号密码输入后会报错不知道怎么弄了
¥30 关于用python写支付宝扫码付异步通知收不到的问题
¥50 vue组件中无法正确接收并处理axios请求
¥15 隐藏系统界面pdf的打印、下载按钮
¥15 基于pso参数优化的LightGBM分类模型
¥15 安装Paddleocr时报错无法解决
¥15 python中transformers可以正常下载，但是没有办法使用pipeline
¥50 分布式追踪trace异常问题

码龄粉丝数原力等级 --

Godaddy上的CodeIgniter安装具有最佳安全性

1条回答默认最新

码龄粉丝数原力等级 --

悬赏问题

Godaddy上的CodeIgniter安装具有最佳安全性

1条回答 默认 最新

悬赏问题

1条回答默认最新