开发者

prevent *.bak *.inc file upload from a apache server

开发者 https://www.devze.com 2023-01-19 15:54 出处:网络
Is it possible to prevent people from seeing files like .bak from am apache directory ? If there is a reques开发者_如何学运维t for the url (http://foo.com/bar.bak), it\'d be good to have a 404 error,

Is it possible to prevent people from seeing files like .bak from am apache directory ? If there is a reques开发者_如何学运维t for the url (http://foo.com/bar.bak), it'd be good to have a 404 error, and prevent anybody to upload the file.


Now that I know the answer, here it is : one of them is to use RewriteRule in the httpd.conf. – Cedric 14 secs ago edit Now that I know the answer, here it is : one of them is to use RewriteRule in the httpd.conf.

RewriteEngine On # Turn on the rewriting engine RewriteRule

RewriteRule   ^(.*(\.(html|htm|gif|js|jpg|jpeg|php|css)|\/))$    $1  [L,NC]
# do not do anything (no rewriting), but don't execute the next rule
#("NC", tells Apache that this rule should be case-insensitive, and "L" tells Apache not to process any more rules if this one is used.)

RewriteRule   ^.*$    /  [NC,R] # rewrite all the other urls to /

This is the main idea. Please, modify the first regex to your needs ! (as urls like foo?bar=obu won't work, nor foo/bar)

0

精彩评论

暂无评论...
验证码 换一张
取 消