Using htaccess, how to restrict seeing directory contents, but allow server to use the contents?

后端 未结 11 1810
既然无缘
既然无缘 2021-01-30 22:38

More specifically, I have an htaccess file that restricts anyone from seeing the directory contents. Such that, nobody can see my 1000s of images in www.example.com/images by us

相关标签:
11条回答
  • 2021-01-30 23:40

    To me I feel the easiest way of getting it done is with a redirect. On the images directory, just create an index page and in the index page you have a redirect to your site index page i.e

    <?php
       header( 'Location: http://www.yoursite.com' ) ;
    ?>
    

    So that whenever anyone tries to access the image page directly they end up going to your site's root.

    0 讨论(0)
  • 2021-01-30 23:41

    Use something like this in .htaccess file:

     #
     ###################################################################
     ###                                                             ###
     ###                    Currently protection                     ###
     ###              images (jpg, jpeg, gif, png, bmp)              ###
     ###                       JavaScript (js)                       ###
     ###                Cascading Style Sheets (CSS)                 ###
     ###                                                             ###
     ###################################################################
     #
     <IfModule mod_rewrite.c>
     RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite.com/.*$ [NC]
     RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite.com$ [NC]
     RewriteRule .*\.(jpg|jpeg|gif|png|bmp|js|css)$ http://access-                    denied.us/hotlinks.html [NC,L]
     </ifModule>
     #
    

    This will allow your pages to load the documents and images you want while stoping everyone elses pages from doing it. I use this on all my sites and it works great.

    0 讨论(0)
  • 2021-01-30 23:42

    If it were me I'd just make sure that the referrer is www.example.com, that's kinda one of it's main uses.

    0 讨论(0)
  • 2021-01-30 23:43

    deny from all allows files to be used by server side scripts but restricts complete web access.

    0 讨论(0)
  • 2021-01-30 23:43

    I use a trick which makes people think they've accessed a folder which doesn't exist.

    Create a HTML file and add this:

    <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
    <html>
    <head>
    <title>404 Not Found</title>
    </head>
    
    <body>
    <h1>Not Found</h1>
    <p>The requested URL was not found on this server.</p>
    <p>Additionally, a 404 Not Found
    error was encountered while trying to use an ErrorDocument to handle the request.</p>
    
    </body>
    </html>

    0 讨论(0)
提交回复
热议问题