问题描述
我正在尝试从我的codeigniter URL中删除index.php。我有带有codeigniter和ion auth的apache24。使此工作正常运行的唯一方法是允许 AllowOverride All
。
I am trying to remove the index.php from my codeigniter URL. I have apache24 with codeigniter and ion auth. The only way I can get this to work is by allowing AllowOverride All
.
相关代码为:
<Directory "c:/Apache24/htdocs">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
使用 AllowOverride None
会返回404错误码。使用 AllowOverride All
可以正常工作。
Using AllowOverride None
this returns a 404 error code. Using AllowOverride All
it works.
在生产服务器上使用此功能有什么安全隐患?
What are the security implications with this on a production server?
推荐答案
AllowOverride
指令用于允许使用。 htaccess
允许在每个目录的基础上覆盖Apache配置。我相信CI使用mod_rewrites使其正常工作。这就是为什么它仅在具有 AllowOverride All
时起作用的原因,因为您告诉网络服务器允许使用CI使用的.htaccess文件。这就是简单的答案。并不是说安全性,而是用于 .htaccess
文件。
AllowOverride
directive is used to allow the use of .htaccess
within the web server to allow overriding of the Apache config on a per directory basis. I believe CI uses mod_rewrites to make it work correctly. That's why it only works when you have AllowOverride All
because you are telling the webserver to allow the use of an .htaccess file which CI uses. That's the simple answer. It's not about security per say, it's for the use of .htaccess
files.
您很可能不得不使用 AllowOverride All
来使用codeigniter,因为这是它的工作方式。使用此指令不应引起任何重大的安全问题。安全方面,您应该没问题。只是不要在<目录/>
块中使用 AllowOverride All
。
You will most likely have to use AllowOverride All
to use codeigniter because that's the way it works. There shouldn't be any major security concerns with using this directive. Security wise you should be fine. Just don't use AllowOverride All
in a <Directory />
block.
仅在特定的Web目录中使用它。下面是您现在拥有的,使用 AllowOverride All
应该可以。
Only use it in a specific web directory only. This below is what you have now and should be fine with AllowOverride All
.
<目录 c:/ Apache24 / htdocs>
如果不是该指令,则 .htaccess
文件将不起作用。请查看文档以获取更详细的说明。
if it wasn't for this directive, .htaccess
files would not work. Have a look at the documentation for more detailed explanation.
这篇关于httpd.conf AllowOverride全部的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!