Rewrite file extension BUT deny direct access to f

2020-02-29 03:27发布

I am looking for a way to hide the file extension via .htaccess and deny direct access. Let's consider the following:

http://www.xyz.zyx/index.php

gets converted to

http://www.xyz.zyx/index OR http://www.xyz.zyx/

All good till now. What I want to do next is block or redirect when the user tries a direct access. Example, if the user types in the URL bar the following (extension), block or redirect:

http://www.xyz.zyx/index.php

I checked the other answers from other questions, but non seemed to be exactly it.

Thanks in advance for helping a newbie like me.

标签： php security rewrite hide

1条回答

你好瞎i

2楼-- · 2020-02-29 04:14

Although one may question the usefulness of such a thing, it's feasible, so here's how to do it in a .htaccess using mod_rewrite:

RewriteEngine On

# Sets your index script
RewriteRule ^$ index.php [L]

# Condition prevents redirect loops (when script is not found)
RewriteCond %{ENV:REDIRECT_STATUS} !^$
RewriteCond %{REQUEST_FILENAME} !-f

# Stop here if the file is not found after a redirect
RewriteRule ^(.*)$ notfound.php [L]

# Condition prevents redirect loops (when script is found)
RewriteCond %{ENV:REDIRECT_STATUS} ^$

# Forbid access directly to PHP files
RewriteRule ^.*?\.php$ forbidden [F,L]

# Make sure the filename does not actually exist (images, etc.)
RewriteCond %{REQUEST_FILENAME} !-f

# Append the .php extension to the URI
RewriteRule ^(.*)$ $1.php [L]

0人赞添加讨论(0) 举报

Rewrite file extension BUT deny direct access to f

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间