拒绝除/index.php和两个文件夹之外的所有文件夹

时间:2014-01-28 23:04:38

标签: apache .htaccess

这是一个奇怪的配置,我会给你,但我想拒绝访问我们系统中的所有文件夹,但它必须能够访问,

/index.php (Wordpress bootloader)
/wp-*/* (e.g. wp-content, wp-admin, etc.)
/templates/* (some of our templates and custom content)

其他所有内容都被拒绝(并且有数百个文件夹)。

我遇到的问题是允许index.php和2个文件夹,然后拒绝/.

中的所有其他内容

我应该能够接受,

http://example.com/
http://example.com/index.php
http://example.com/wp-content/...
http://example.com/wp-admin/...
http://example.com/wp-includes/...
http://example.com/templates/template.css
http://example.com/templates/subfolder/js/file.js

并拒绝,

http://example.com/thisIsAFolder
http://example.com/thisIsAnotherFolder

这就是我所拥有的,

<VirtualHost *:80>
    ServerName example.com

    DirectoryIndex index.php
    DocumentRoot /var/www/

    <Directory />
        Order deny,allow
        Deny from all
    </Directory>

    <Files index.php>
        Allow from all
    </Files>

    <Directory "/var/www(/|/wp*/|/templates/)">
        Allow from all

        Options FollowSymLinks

        RewriteEngine On
        RewriteBase /

        RewriteRule ^index\.php$ - [L]
        RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]

        RewriteCond %{REQUEST_FILENAME} -f [OR]
        RewriteCond %{REQUEST_FILENAME} -d

        RewriteRule ^ - [L]
        RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) wp/$2 [L]
        RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ wp/$2 [L]
        RewriteRule . index.php [L]
    </Directory>
</VirtualHost>

但我不断收到Red Hat Enterprise Linux Test Page(使用CentOS)并允许子目录,因为我允许/

修改

这是最终为我工作的Apache配置。非常感谢Jon Lin的帮助。

<VirtualHost *:80>
    ServerName example.com

    DirectoryIndex index.php
    DocumentRoot /var/www/

    # first, deny all access
    <Directory />
        Order deny,allow
        Deny from all
    </Directory>

    # then start to allow access where required
    <Files index.php>
        Allow from all
    </Files>

    <Directory "/var/www/">
        Allow from all

        Options FollowSymLinks

        RewriteEngine On
        RewriteBase /

        # go directly to index.php if it is accessed
        RewriteRule ^index\.php$ - [L]

        # re-write URL for wp-admin access
        RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]

        # re-write wp-* access to route through wp/
        RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) wp/$2 [L]

        # re-write all .php files to route through wp/
        RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ wp/$2 [L]

        # go directly to real files and directories
        RewriteCond %{REQUEST_FILENAME} -f [OR]
        RewriteCond %{REQUEST_FILENAME} -d
        RewriteRule ^ - [L]

        # respond to all other URLs by passing them through index.php
        RewriteCond %{REQUEST_FILENAME} !-f [OR]
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteRule . index.php [L]

        # deny access if URL doesn't start with these
        RewriteCond %{REQUEST_URI} !^/(index\.php)?$
        RewriteCond %{REQUEST_URI} !^/wp-[^/]+/
        RewriteCond %{REQUEST_URI} !^/templates/
        RewriteRule ^ - [L,F]
    </Directory>
</VirtualHost>

1 个答案:

答案 0 :(得分:1)

您可以尝试添加:

RewriteCond %{REQUEST_URI} !^/(index\.php)?$
RewriteCond %{REQUEST_URI} !^/wp-[^/]+/
RewriteCond %{REQUEST_URI} !^/templates/
RewriteRule ^ - [L,F]

之前:

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d

这里的问题是永久链接可能会中断,因为像/posts/post-title/这样的请求将不会与“允许的”URI相匹配。如果这是一个问题,那么在此行之前将其移到右边:

RewriteRule . index.php [L]
相关问题
最新问题