问题
Here is the situation...
I have a cron job scheduled to run that is used to backup my database. Because of the way php is installed, I'm having to use lynx to hit the php script that is performing the backup.
Because this script has to live within my public_html folder I want to deny all requests except for the ones that come directly from my server (i.e.: localhost). Also, I'm assuming that the ip I'll be coming from is 127.0.0.1. I'm not exactly sure if that's true but I can't think of what else my ip would be in this situation. Am I right about the cron job running and hitting the script from 127.0.0.1?
Here is what my .htaccess looks like:
order allow,deny
deny from all
allow from 127.0.0.1
As a result, I keep getting a 403 Forbidden. Which is what I want to do for everyone else except for myself. Maybe I'm going about this the wrong way... Does anyone see what I'm doing wrong?
回答1:
Use the order the other way around, ie:
order deny,allow
deny from all
allow from 127.0.0.1
回答2:
Require local
The local provider allows access to the server if any of the following conditions is true:
- the client address matches 127.0.0.0/8
- the client address is ::1
- both the client and the server address of the connection are the same
This allows a convenient way to match connections that originate from the local host:
Require local
回答3:
Leo's answer solved my issue. This is what I have set up so I can block direct access to images:
<IfModule mod_rewrite.c>
<Files ~ "\.(jpg|jpeg|png|gif|pdf|txt|bmp|mp4|mov|ogg|wmv|webm|flv|mpg|mp2|mpeg|mpe|mpv|m4p|m4v|mp3|wav|acc|oga|m4a)$">
order deny,allow
deny from all
Require local
allow from all
</Files>
</IfModule>
I didn't want to type out the ip, incase the local ip changed later
回答4:
None of the answers here allowed me to access http://localhost:8888/ until I added this:
allow from localhost
So in my case this is my entire .htaccess file:
order deny,allow
deny from all
# my IP
allow from xx.xx.xx.xx (use your own IP address here)
# Local development
allow from localhost
The # is a code comment. This file allows only me to access the site from my browser online (the IP) and locally from localhost.
Remember, the order matters when you use order deny,allow. You put the deny ones first in your file and then your allows below that.
来源:https://stackoverflow.com/questions/1281277/htaccess-allow-localhost-problem