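In my Symfony2 project, I want app_dev.php to be accessible only by IP address. Just like in config.php, where I can set an array of IPs so that not everyone can access this file. Is this also possible for app_dev.php?
Answer 0: (score: 17)
In app_dev.php, you will find the following code: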
    if (isset($_SERVER['HTTP_CLIENT_IP'])
        || isset($_SERVER['HTTP_X_FORWARDED_FOR'])
        || !in_array(@$_SERVER['REMOTE_ADDR'], array('127.0.0.1', 'fe80::1', '::1'))
    ) {
        header('HTTP/1.0 403 Forbidden');
        exit('You are not allowed to access this file. Check '.basename(__FILE__).' for more information.');
    }
Here you can set the IP addresses you want to access it from.
    if (!in_array(@$_SERVER['REMOTE_ADDR'], array('Your IP address', '127.0.0.1', 'fe80::1', '::1'))
    ) {
        header('HTTP/1.0 403 Forbidden');
        exit('You are not allowed to access this file. Check '.basename(__FILE__).' for more information.');
    }
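Answer 1: (score: 3)
A slight variation on @chanchal118's answer. Our site sits behind a load balancer, so IPs work slightly differently. Hopefully this helps someone with a similar setup.
I would also be interested to hear any thoughts on security concerns if the IP is spoofed.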
    //todo this may be a security concern if someone managed to spoof their IP as one of these
    $allowedIPs = array('127.0.0.1', 'fe80::1', '::1', 'my.organisation.ip.address');
    //allow app_dev.php only under these conditions (prevent for production environment) uses HTTP_X_FORWARDED_FOR because behind load balancer
    if (
        isset($_SERVER['HTTP_X_FORWARDED_FOR']) &&
        ( ! in_array(@$_SERVER['HTTP_X_FORWARDED_FOR'], $allowedIPs) )
    ) {
        header('HTTP/1.0 403 Forbidden');
        exit('You are not allowed to access the development environment.');
    }
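On the spoofing question, an added example that is not part of either answer: X-Forwarded-For is an ordinary request header, so it should only be read when the TCP peer (REMOTE_ADDR) is the load balancer itself, and a missing or malformed header should deny access rather than allow it. The function names and the addresses (documentation ranges standing in for the load balancer and the office IP) are assumptions, as is PHP 7.1 or later.

```php
<?php
// Added example. All addresses below are constructed placeholders.
$trustedProxies = array('192.0.2.10');                      // load balancer (assumed)
$allowedIps     = array('127.0.0.1', '::1', '203.0.113.7'); // office IP (assumed)

// Returns the address to treat as the client, or null to fail closed.
function resolveClientIp(array $server, array $trustedProxies): ?string
{
    $peer = $server['REMOTE_ADDR'] ?? '';
    if (filter_var($peer, FILTER_VALIDATE_IP) === false) {
        return null;
    }
    // Direct connection: any X-Forwarded-For value was written by the client,
    // so ignore it and judge the request by the TCP peer alone.
    if (!in_array($peer, $trustedProxies, true)) {
        return $peer;
    }
    // The header may hold a comma-separated chain: "client, proxy1, proxy2".
    $hops = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR'] ?? ''));
    // Walk right to left: right-most entries were appended by our own proxies;
    // anything left of the first untrusted hop is client-controlled.
    foreach (array_reverse($hops) as $hop) {
        if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
            return null; // empty or malformed chain: fail closed
        }
        if (!in_array($hop, $trustedProxies, true)) {
            return $hop;
        }
    }
    return null; // chain contained only proxies: fail closed
}

function isDevAccessAllowed(array $server, array $allowedIps, array $trustedProxies): bool
{
    $client = resolveClientIp($server, $trustedProxies);
    return $client !== null && in_array($client, $allowedIps, true);
}

// Guard for the top of app_dev.php (skipped when the file is run from the CLI).
if (PHP_SAPI !== 'cli' && !isDevAccessAllowed($_SERVER, $allowedIps, $trustedProxies)) {
    header('HTTP/1.0 403 Forbidden');
    exit('You are not allowed to access the development environment.');
}
```

The comparisons are exact string matches, so IPv6 entries in the lists must be written in the same form PHP reports them.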
Answer 2: (score: -8)
Set in the virtual host
/var/apache2/sites-avable
    <VirtualHost *:80>
        ServerName domain.com/main
        ServerAlias www.domain.com/main
        DocumentRoot /var/www/domain/main/web
        DirectoryIndex app_dev.php
    </VirtualHost>
switch
    <VirtualHost 127.0.0.1:80>
        ServerName domain.com/main
        ServerAlias www.domain.com/main
        DocumentRoot /var/www/domain/main/web
        DirectoryIndex app_dev.php
    </VirtualHost>