douluchuo0801
douluchuo0801
2012-08-01 12:38
浏览 44
已采纳

拒绝使用.htaccess访问多个.php文件? [重复]

This question already has an answer here:

I want to deny access to multiple PHP files in directory /all/cstl/.

My .htaccess is also stored in this directory.

This is my current code and it's not working.

<Files "\ (config.php|function.php|include.php)">
  Order allow,deny
  Deny from all
</Files>

I have tried to deny the directory and allow specific files but it denies the directory and does not allow the requested .php files. My code for this is:

<Directory />
    Order deny,allow
    Deny from all
<Directory>

<Files "index.php|post.php">
    Order deny,allow
    Deny from all
</Files>

Please give me some example of blocking access to multiple specific files within a directory.

</div>
  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • dounie5475
    dounie5475 2012-08-01 12:52
    已采纳

    There are several problems with the .htaccess you have there.

    As BSen linked in the comment above, you should use FilesMatch. Also, your regular expression is wrong.

    The problem with the regular expression is that you have an escaped space at the start, so all files must start with a space character (followed by one of config.php, function.php etc)

    Also a small explaination of the Order allow,deny directive: http://www.maxi-pedia.com/Order+allow+deny

    Try this:

    <FilesMatch "config\.php|function\.php|include\.php">
      Order allow,deny
      Deny from all
    </FilesMatch>
    

    If you'd like to deny all but a few files, this would read as

    Order deny,allow
    Deny from all
    <FilesMatch "index\.php|index\.html">
      Allow from all
    </FilesMatch>
    
    点赞 评论

相关推荐