apache - htaccess restrict access to index.php only

Question

Welcome To Ask or Share your Answers For Others

apache - htaccess restrict access to index.php only

asked Feb 6, 2021 in Technique[技术] by 深蓝 (71.8m points)

apache - htaccess restrict access to index.php only

I was writing a .htaccess file for my PHP script.
This should only allow access to the index.php, cronjob.php and execute.php pages.
I wrote the .htaccess file as follows:

# Set default index file
DirectoryIndex index.php

# Disable indexing
Options -Indexes

# Set "403 Forbidden" as the default server behavior
Order Deny,Allow
Deny from all

# Allow requests to core PHP files
<FilesMatch "(index|execute|cronjob).php$">
    Allow from all
</FilesMatch>

# If mod_rewrite module exists...
<IfModule mod_rewrite.c>
    RewriteEngine On
    
    # ...restrict access to PHP private directories
    RewriteRule (^|/)logs(/|$) - [F]
    RewriteRule (^|/)utils(/|$) - [F]
    RewriteRule (^|/)modules(/|$) - [F]
</IfModule>

The main problem with this code is that https://example.com/ returns 403 Forbidden,
while https://example.com/index.php works.

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Answer

深蓝 · Answer 1 · 2021-02-06T00:11:47+0000

You could put condition to check if a URI is NOT having either index.php OR cronjob.php or execute.php then forbid that page so else other pages will be forbid apart from these 3 php uris.

Please make sure you clear your browser cache before checking your URLs.

RewriteEngine ON
RewriteCond %{REQUEST_URI} !(index|cronjob|execute).php [NC]
RewriteRule ^ - [F]

Categories

apache - htaccess restrict access to index.php only

apache - htaccess restrict access to index.php only

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags