dtotuki47568
2017-07-26 06:29 阅读 63
已采纳

如何在codeigniter中保护ASSETS FOLDER

I just wanna protect my assets folder in client side. All of my files can access public. I wanna protect it. I have rules .htaccess like below, any wrong rules there?

RewriteEngine on
RewriteCond $1 !^(index\.php|assets|robots\.txt)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L,QSA]
  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享

3条回答 默认 最新

  • 已采纳
    dousunle5801 dousunle5801 2017-07-26 07:51

    You can do two things

    1. via .htaccess (Not Tested)
    2. via index.html

    1. .htaccess

    add .htaccess inside the assets folder

    <IfModule authz_core_module>
        Require all denied
    </IfModule>
    <IfModule !authz_core_module>
        Deny from all
    </IfModule>
    

    2. index.html

    Create index.html file inside the directory and add this

    <!DOCTYPE html>
    <html>
    <head>
        <title>403 Forbidden</title>
    </head>
    <body>
    
    <p>Directory access is forbidden.</p>
    
    </body>
    </html>
    

    Output

    When some one access outside you get this on browser

    Directory access is forbidden.

    点赞 评论 复制链接分享
  • dotif64826 dotif64826 2017-07-26 06:30

    Create a helper to access these 'assets'. And allow requests to these files only from your server. That's one way to solve this.

    点赞 评论 复制链接分享
  • dqo88037 dqo88037 2017-10-24 06:48

    You can protect your assets or files folder similarly as CI protects its application file. Simply copy .htaccess file and index.html file from application and paste it to your assets file.

    点赞 评论 复制链接分享