doudiaozhi6658 2011-11-24 14:16
浏览 16

映射只能访问Web服务器而不能访问其他用户

On my site i use a lot of includes, the most of the includes should only be accessible for the webserver and not for the rest of the world. So if i include "../include_map/file.php" in a page on my site, it should not be possible to request with an URL by other users in the world ("website.com/include_map/file.php"). Is there a possibility to protect the map with the include files so that only the webserver can include the files?

  • 写回答

2条回答 默认 最新

  • douzhang8144 2011-11-24 14:25
    关注

    PHP can include files from everywhere (also non public directories) on the servers harddrive.

    for example, if your htdocs is located in /var/www/domain/htdocs/ you can also include files located in /var/www/domain/include_map while the webserver wont be allowed to read from there (if configured properly).

    you can then test to access the file with www.yourdomain.com/../include_map/file.php. if you can still access it like this, your webservers configuration needs some attention to prevent others from reading your logs and other things.

    another way is to deny access to the directory via .htaccess or apache config. php can still include the files, while users cant access them from the internet.

    in the apache config you would do something like:

    <Directory /inlcude_map>
   Order Deny,Allow
   Deny from all
</Directory>

    in a .htaccess file you could write

    Order Deny,Allow
Deny from all

    the .htaccess file should be located in the directory you want to secure. Consult your server provider to find out which way is best for you. As stated in the comment you have to find out if .htaccess is an option for you first.

    评论

报告相同问题?

悬赏问题

  • ¥15 HLs设计手写数字识别程序编译通不过
  • ¥15 Stata外部命令安装问题求帮助!
  • ¥15 从键盘随机输入A-H中的一串字符串,用七段数码管方法进行绘制。提交代码及运行截图。
  • ¥15 TYPCE母转母,插入认方向
  • ¥15 如何用python向钉钉机器人发送可以放大的图片?
  • ¥15 matlab(相关搜索:紧聚焦)
  • ¥15 基于51单片机的厨房煤气泄露检测报警系统设计
  • ¥15 Arduino无法同时连接多个hx711模块,如何解决?
  • ¥50 需求一个up主付费课程
  • ¥20 模型在y分布之外的数据上预测能力不好如何解决