本文介绍了如果启用了PHP,如何检查.htaccess?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

如何让Apache的 .htaccess 文件检查是否启用了PHP?我尝试了诸如< IfModule!mod_php7.0.c> < IfModule!mod_php7.c> 之类的东西,但是

How can I let Apache's .htaccess file check if PHP is enabled? I tried things like <IfModule !mod_php7.0.c> and <IfModule !mod_php7.c> but it doesn not seem to do anything when I enable/disable the module.

我想在 .htaccess 在禁用PHP时拒绝所有访问。为了防止纯文本PHP代码泄漏。

I would like to have a fallback in my .htaccess that denies acces from all when PHP is disabled. In order to prevent leakage of plain text PHP code.

我想做这样的事情:

# If PHP is not installed, deny all access to .php files to prevent PHP code leakage
<IfModule !mod_php7.c>
    <FilesMatch \.php$>
        order deny,allow
        deny from all
    </FilesMatch>
</IfModule>

最终,如果禁用了php7 AND php5 AND php4,它将检查类似的内容,拒绝访问。有想法吗?

Ultimately it will check something like if php7 AND php5 AND php4 are disabled, deny access. Any ideas?

此外,当AllowOverride为None时,因此 .htaccess 文件没有执行任何操作。为了防止PHP代码以明文形式泄漏,有哪些选项?

Also, when AllowOverride is None and so the .htaccess file is not doing anything. What are the options in order to prevent the PHP code from leaking in plaintext?

推荐答案

<IfModule !mod_php5.c>
    <FilesMatch ".+\.php$">
        Order Deny,Allow
        Deny from all
    </FilesMatch>
</IfModule>

在Apache 2.4中

In Apache 2.4

<IfModule !mod_php5.c>
    <FilesMatch ".+\.php$">
        Require all denied
    </FilesMatch>
</IfModule>

在Apache 2.4中,有几个新的有用功能:,和。

In Apache 2.4 there are several new useful features: define, ifdefine, and if, else, ifelse.

在下面,我们可以默认拒绝,并且仅在 PHP_IS_ENABLED

In the following we can deny by default and only enable if PHP_IS_ENABLED is defined.

<IfModule mod_php5.c>
    Define PHP_IS_ENABLED
</IfModule>

<IfModule mod_php7.c>
    Define PHP_IS_ENABLED
</IfModule>

# ...

<IfDefine !PHP_IS_ENABLED>
    <FilesMatch ".+\.php$">
        Require all denied
    </FilesMatch>
</IfDefine>

这篇关于如果启用了PHP,如何检查.htaccess?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-22 16:37