Apache .htaccess: Difference between revisions

From HaFrWiki42
Jump to navigation Jump to search
← Older editNewer edit →
Line 26: Line 26:
* Line 05-06: Tests case insensitive ([NC]=No Case) if the directory is ''../phpinclude'' at the end ($).
* Line 05-06: Tests case insensitive ([NC]=No Case) if the directory is ''../phpinclude'' at the end ($).
* Line 08-09: Tests if the file name has the extension ''.php'' at the end ($).  
* Line 08-09: Tests if the file name has the extension ''.php'' at the end ($).  
* Line 11-12: Forbids access to the found file. <br>F: Returns a 403 FORBIDDEN response to the client browser. <br>NS: Causes a rule to be skipped if the current request is an internal sub-request.<br>L: Stop the rewriting process immediately and don't apply any more rules.
* Line 11-12: Forbids access to the found file.  
** F: Returns a 403 FORBIDDEN response to the client browser.  
** NS: Causes a rule to be skipped if the current request is an internal sub-request.
** L: Stop the rewriting process immediately and don't apply any more rules.
Source: https://httpd.apache.org/docs/current/mod/mod_rewrite.html <ref>[https://httpd.apache.org/docs/current/mod/mod_rewrite.html Apache Docs], Description mod_rewrite module: Rewrite(s) condition and rules.</ref>


== See also ==
== See also ==

Revision as of 17:42, 1 October 2018

The Apache Webserver file .htaccess is a powerful tool for managing the access and navigation to your webserver.
Unfortunately, the working is not very intuitive and not very simple.

Examples

Prevent PHP-Directory Access

The usage of a special PHP-include directory is a common implementation paradigm.
But you don't want anyone to have access to that directory except the program/application. This snippet prevents the access to the directory file with extension php.

<syntaxhighlight lang="bash" line>

    1. Enable Mod Rewrite, this is only required once in each .htaccess file

RewriteEngine On RewriteBase /

    1. Test for access to the include directory

RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /phpinclude/.*$ [NC]

    1. Test that file requested has php extension

RewriteCond %{REQUEST_FILENAME} ^.+\.php$

    1. Forbid Access

RewriteRule .* - [F,NS,L] </syntaxhighlight>

  • Line 01-03: Needs to be set once and enables the RewriteCond and RewriteRule.
  • Line 05-06: Tests case insensitive ([NC]=No Case) if the directory is ../phpinclude at the end ($).
  • Line 08-09: Tests if the file name has the extension .php at the end ($).
  • Line 11-12: Forbids access to the found file.
    • F: Returns a 403 FORBIDDEN response to the client browser.
    • NS: Causes a rule to be skipped if the current request is an internal sub-request.
    • L: Stop the rewriting process immediately and don't apply any more rules.

Source: https://httpd.apache.org/docs/current/mod/mod_rewrite.html [1]

See also

top

Reference

top

  1. Apache Docs, Description mod_rewrite module: Rewrite(s) condition and rules.
Retrieved from "https://www.harmfrielink.nl/wiki/index.php?title=Apache_.htaccess&oldid=4388"