Question

我试图得到一个重写规则采取一些参数并转换它们以获得 vars 然后通过它们脚本。

因此,我在我的.htaccess有以下内容,它的工作原理是:

RewriteEngine on

RewriteBase /cms/

RewriteRule ^services$  list.php?type=services  [L]

然后我又想添加一条规则,即“强力”停止直接访问脚本 < code> list.php 。因此,我添加了以下内容:

RewriteRule ^list.php   -    [F,NS]

由于某种原因,每当我试图访问URL时,我就会发现一个“强”的错误,例如:

/cms/services

我假设如果请求不是内部请求, 国旗会停止访问, 但似乎完全阻止我访问剧本。

谁能告诉我我哪里出错。我试图把头绕到这里已经好几天了。. htaccess 文档在目录中, 通过 vhost 的 Alias 访问, 但我知道我的 htaccess 正在被解读为当我删除第二个规则时, 第一个规则和预想的一样有效。

Answer 1

You re right about the subrequest problem. the [NS] flag should prevent this rule to be applied on Internal subrequests. I don t know why it s not working as expected (because you re in a .htaccess and not in a Directory section? because of mod_alias?). Anyway you could try it with a replacement method which is to test the REDIRECT_STATUS environment variable, which as proven to be more reliable than thus flag.

s让我们尝试它( 未测试), 我更喜欢使用长的国旗名称版本, 我认为 mod_ rewrite 已经够模糊了。请注意, 规则顺序是“ 坚固的 NOT < / strong ” 。即使有 < code> [ last] 的旗帜, 规则的结果也会被重新应用到 rulset 上 :

RewriteEngine on
RewriteBase /cms/

# RULE 1
# This rule will apply only from  a direct user access.
# If any other rewrite made an internal redirect we ll skeeze that rule
# so if access is provided after an internal redirect it s ok
# we catch it via the env variable REDIRECT_STATUS which must be empty
RewriteCond %{ENV:REDIRECT_STATUS} ^$  
# 403 FORBIDDEN if the user request direclty list.php!
RewriteRule ^list.php - [forbidden,last]

# RULE 2
# any request to service is in fact internally
# redirected to list.php?type=services
RewriteRule ^services$  list.php?type=services  [nocase, last]

Answer 2

您应该尝试这样, 以防止访问特定文件 :

<files list.php>
order allow,deny
deny from all
</files>

现在任何访问列表.php 文件的尝试都会导致403条错误消息。同样的方式, 您可以阻止访问您的 htaccess 文件。

友情链接