I want to prevent people from accessing my php pages directly using .htaccess

Posted by asdasdasd on Stack Overflow See other posts from Stack Overflow or by asdasdasd
Published on 2010-05-06T21:26:03Z Indexed on 2010/05/06 21:28 UTC
Read the original article Hit count: 133

Filed under:
|
|

I have a site that is made up of php pages, but they are served to the user through includes based on what I think they need. if they can guess the name of a php file, they can access those pages. while this is not a security risk at all, i would rather have a way to catch this and redirect them to somewhere else.

i really want everything to go through the index page unless it is a file that exists (exeption being for any file ending with .php).

I tried this, didnt work:

RewriteEngine on
RewriteCond %{REQUEST_URI} !(.*\.php$) [NC]
RewriteCond %{REQUEST_FILENAME} !-f [NC]
RewriteRule .* /n/index.php [NC]

© Stack Overflow or respective owner

Related posts about mod-rewrite

Related posts about redirect