Backend Development
PHP Tutorial
Solution to prohibit direct access of php files under Apache_PHP Tutorial
Solution to prohibit direct access of php files under Apache_PHP Tutorial
At first, I wanted to directly prohibit URLs with php suffix from being accessed in the rewrite rules. But later it was discovered that the rewrite rules are called recursively. If php is directly prohibited in the rewrite rules, the rules rewritten to the php file will also be invalid. RewriteEngineOn
RewriteRule^test$/test.php[L]
RewriteRule^test .php$$0[F,L]
Recursive calls are really scary. When you first access /test, the URL rewrite is checked once, and then if ^test$ is matched, it will be redirected internally to /test.php. However, the internal redirection will also trigger URL rewriting, so Check again, it matches ^test.php$ and is forced to operate directly [F] (Forbidden), so it becomes a 403 error. In this case, you must determine whether it has been redirected by the server. At this time, there is a REDIRECT_URL in the server variable that can be used, so I tried to use this to make a judgment.
RewriteEngineOn
RewriteRule^test$/test.php[L]
RewriteCond%{REDIRECT_URL}^$
RewriteRule.*$0[F,L] still gets 403 when writing access to /test. After a little inspection, I found that %{REDIRECT_URL} in RewriteCond is always empty, which is really annoying. In this case, it is not included in the rewrite rules. The solution is to ban php directly. But it can be achieved in less flashy ways. Just judge the REDIRECT_URL in the php file. Although this method can be implemented, it feels very inferior, but so far I haven't found any better way.
$_SERVER['REDIRECT_URL']ordie('Forbidden');
/ /This only displays text. In actual use, the HTTP error code needs to be output.
echo$_SERVER['REDIRECT_URL']; //Successful access display information
?>
If you modify this PHP code and throw it into a global reference, there will basically be no problem. Although it is not a perfect solution, it is at least solved. Maybe you will find a better method in the future.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1378
52
PHP's Current Status: A Look at Web Development Trends
Apr 13, 2025 am 12:20 AM
PHP remains important in modern web development, especially in content management and e-commerce platforms. 1) PHP has a rich ecosystem and strong framework support, such as Laravel and Symfony. 2) Performance optimization can be achieved through OPcache and Nginx. 3) PHP8.0 introduces JIT compiler to improve performance. 4) Cloud-native applications are deployed through Docker and Kubernetes to improve flexibility and scalability.
Beyond the Hype: Assessing PHP's Role Today
Apr 12, 2025 am 12:17 AM
PHP remains a powerful and widely used tool in modern programming, especially in the field of web development. 1) PHP is easy to use and seamlessly integrated with databases, and is the first choice for many developers. 2) It supports dynamic content generation and object-oriented programming, suitable for quickly creating and maintaining websites. 3) PHP's performance can be improved by caching and optimizing database queries, and its extensive community and rich ecosystem make it still important in today's technology stack.
PHP: A Key Language for Web Development
Apr 13, 2025 am 12:08 AM
PHP is a scripting language widely used on the server side, especially suitable for web development. 1.PHP can embed HTML, process HTTP requests and responses, and supports a variety of databases. 2.PHP is used to generate dynamic web content, process form data, access databases, etc., with strong community support and open source resources. 3. PHP is an interpreted language, and the execution process includes lexical analysis, grammatical analysis, compilation and execution. 4.PHP can be combined with MySQL for advanced applications such as user registration systems. 5. When debugging PHP, you can use functions such as error_reporting() and var_dump(). 6. Optimize PHP code to use caching mechanisms, optimize database queries and use built-in functions. 7
PHP vs. Python: Core Features and Functionality
Apr 13, 2025 am 12:16 AM
PHP and Python each have their own advantages and are suitable for different scenarios. 1.PHP is suitable for web development and provides built-in web servers and rich function libraries. 2. Python is suitable for data science and machine learning, with concise syntax and a powerful standard library. When choosing, it should be decided based on project requirements.
PHP vs. Other Languages: A Comparison
Apr 13, 2025 am 12:19 AM
PHP is suitable for web development, especially in rapid development and processing dynamic content, but is not good at data science and enterprise-level applications. Compared with Python, PHP has more advantages in web development, but is not as good as Python in the field of data science; compared with Java, PHP performs worse in enterprise-level applications, but is more flexible in web development; compared with JavaScript, PHP is more concise in back-end development, but is not as good as JavaScript in front-end development.
How to use Debian Apache logs to improve website performance
Apr 12, 2025 pm 11:36 PM
This article will explain how to improve website performance by analyzing Apache logs under the Debian system. 1. Log Analysis Basics Apache log records the detailed information of all HTTP requests, including IP address, timestamp, request URL, HTTP method and response code. In Debian systems, these logs are usually located in the /var/log/apache2/access.log and /var/log/apache2/error.log directories. Understanding the log structure is the first step in effective analysis. 2. Log analysis tool You can use a variety of tools to analyze Apache logs: Command line tools: grep, awk, sed and other command line tools.
How to check Debian OpenSSL configuration
Apr 12, 2025 pm 11:57 PM
This article introduces several methods to check the OpenSSL configuration of the Debian system to help you quickly grasp the security status of the system. 1. Confirm the OpenSSL version First, verify whether OpenSSL has been installed and version information. Enter the following command in the terminal: If opensslversion is not installed, the system will prompt an error. 2. View the configuration file. The main configuration file of OpenSSL is usually located in /etc/ssl/openssl.cnf. You can use a text editor (such as nano) to view: sudonano/etc/ssl/openssl.cnf This file contains important configuration information such as key, certificate path, and encryption algorithm. 3. Utilize OPE
Laravel (PHP) vs. Python: Development Environments and Ecosystems
Apr 12, 2025 am 12:10 AM
The comparison between Laravel and Python in the development environment and ecosystem is as follows: 1. The development environment of Laravel is simple, only PHP and Composer are required. It provides a rich range of extension packages such as LaravelForge, but the extension package maintenance may not be timely. 2. The development environment of Python is also simple, only Python and pip are required. The ecosystem is huge and covers multiple fields, but version and dependency management may be complex.
