问题
How do I prevent access to a given directory ? Here is the structure of my website :
config.php
.htaccess
classes/
|----lib/
| |----...
|----classes.php
webroot/
|----index.php
|----ctrl/
| |----...
|----pages/
| |----...
|----style/
|----...
The DocumentRoot is webroot. I want to prohibit access to the following folders : ctrl, pages, style. But the files stored in these folders still have to be available to be included in the index.php file.
In other words, there is an index.php file. Its role is to call (include) all the necessary files from pages/, ... The users can load index.php from their browser but they cannot access the other files alone.
I wrote this code is a .htaccess file but it doesn't do anything :
deny from all
<Files webroot/index.php>
allow from all
</Files>
This .htaccess file is located at the root folder for my project (before webroot/). What I try to do here is to deny access to every directory and files in the project except for the main index.php file.
What is it not working ? What went wrong ?
Thank you in advance.
回答1:
I solved the problem. First of all, I had to activate .htaccess files in my httpd.conf file. Then I wrote this in my .htaccess :
<Files webroot/pages>
deny from all
</Files>
<Files webroot/style>
deny from all
</Files>
回答2:
Do you want to prevent people list files in your webroot? If so, you can add the following option in your htaccess file:
Options -Indexes
来源:https://stackoverflow.com/questions/38815179/how-to-prevent-access-to-a-directory-with-htaccess