问题
I have drupal installed in a subfolder drupal, but I want to access pages as it is in root folder: http://www.example.com instead of http://www.example.com/drupal
I'm able to have this working, but it's also working with url containing subfolder, so I have http://www.example.com and a clone site in http://www.example.com/drupal
What is the rule to forbid access to subfolder?
I want all url starting with http://www.example.com/drupal being forbidden.
This is .htaccess in / directory:
Options -Indexes
Options +FollowSymLinks
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [L,R=301]
RewriteRule ^(.*+)$ drupal/$1 [L,QSA]
</IfModule>
And this is drupal .htaccess in /drupal/ directory:
Options -Indexes
Options +FollowSymLinks
ErrorDocument 404 index.php
DirectoryIndex index.php index.html index.htm
# Override PHP settings that cannot be changed at runtime. See
# sites/default/default.settings.php and drupal_initialize_variables() in
# includes/bootstrap.inc for settings that can be changed at runtime.
# PHP 5, Apache 1 and 2.
<IfModule mod_php5.c>
php_flag magic_quotes_gpc off
php_flag magic_quotes_sybase off
php_flag register_globals off
php_flag session.auto_start off
php_value mbstring.http_input pass
php_value mbstring.http_output pass
php_flag mbstring.encoding_translation off
</IfModule>
# Requires mod_expires to be enabled.
<IfModule mod_expires.c>
# Enable expirations.
ExpiresActive On
# Cache all files for 2 weeks after access (A).
ExpiresDefault A1209600
<FilesMatch \.php$>
# Do not allow PHP scripts to be cached unless they explicitly send cache
# headers themselves. Otherwise all scripts would have to overwrite the
# headers set by mod_expires if they want another caching behavior. This may
# fail if an error occurs early in the bootstrap process, and it may cause
# problems if a non-Drupal PHP file is installed in a subdirectory.
ExpiresActive Off
</FilesMatch>
</IfModule>
# Various rewrite rules.
<IfModule mod_rewrite.c>
RewriteEngine on
# Block access to "hidden" directories whose names begin with a period. This
# includes directories used by version control systems such as Subversion or
# Git to store control files. Files whose names begin with a period, as well
# as the control files used by CVS, are protected by the FilesMatch directive
# above.
RewriteRule "(^|/)\." - [F]
# To redirect all users to access the site WITH the 'www.' prefix,
# (http://example.com/... will be redirected to http://www.example.com/...)
# uncomment the following:
# RewriteCond %{HTTP_HOST} !^www\. [NC]
# RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#
# To redirect all users to access the site WITHOUT the 'www.' prefix,
# (http://www.example.com/... will be redirected to http://example.com/...)
# uncomment the following:
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [L,R=301]
RewriteBase /drupal
# Pass all requests not referring directly to files in the filesystem to
# index.php. Clean URLs are handled in drupal_environment_initialize().
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
#RewriteRule ^ index.php [L]
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
# Rules to correctly serve gzip compressed CSS and JS files.
# Requires both mod_rewrite and mod_headers to be enabled.
<IfModule mod_headers.c>
# Serve gzip compressed CSS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.css $1\.css\.gz [QSA]
# Serve gzip compressed JS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.js $1\.js\.gz [QSA]
# Serve correct content types, and prevent mod_deflate double gzip.
RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1]
RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]
<FilesMatch "(\.js\.gz|\.css\.gz)$">
# Serve correct encoding type.
Header append Content-Encoding gzip
# Force proxies to cache gzipped & non-gzipped css/js files separately.
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>
</IfModule>
回答1:
It looks like you're rewriting stuff to the /drupal/ directory, so you don't want to completely forbid access, otherwise going to http://www.example.com will be denied because it gets rewritten to /drupal. I'm assuming you want to disable requests that are directed to the drupal directory, so you'd need to add this somewhere:
RewriteCond %{THE_REQUEST} ^([A-Z]{3,9})\ /drupal/
RewriteRule ^drupal - [F,L]
Adding this to the top of the .htaccess (just under RewriteEngine On) in your document root should be sufficient. If not, try adding it to the one in your drupal directory (just under RewriteEngine On).
回答2:
I solved this adding these two lines after RewriteEngine on in /drupal/.htaccess:
# deny access to url starting with /drupal/
RewriteCond %{THE_REQUEST} ^([A-Z]{3,9})\ /drupal/
RewriteRule .* - [F,L]
Using R=403 avoids problems with drupal "not found" handler: ErrorDocument 404 drupal/index.php
回答3:
Try to change this in your .htaccess in / directory:
Options -Indexes
Options +FollowSymLinks
<IfModule mod_rewrite.c>
RewriteEngine On
# if access is straight to drupal (= no rewrite rule)
# notify in query string:
RewriteRule (drupal/(.*)) $1?straight=1 [QSA]
RewriteRule ^(.*+)$ drupal/$1 [L,QSA]
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [L,R=301]
RewriteRule ^(.*+)$ drupal/$1 [L,QSA]
</IfModule>
Add this in your drupal dir .htaccess file just after RewriteEngine On:
RewriteEngine On
RewriteCond %{QUERY_STRING} straight=1
# "not found" 404 :
RewriteRule .* - [R=404,L]
Tell me if it works :)
来源:https://stackoverflow.com/questions/8699818/url-rewrite-subfolder-to-root-and-forbid-accessing-subfolder