Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

mod_rewrite, clean URLs, htacess: prevent direct access to script

Options
  • 06-05-2009 2:01pm
    #1
    [Deleted User]
    Posts: 0


    Hi All,

    I have started to play around with mod_rewrite on Apache to make "clean URLs" such as http://site/products/12/ instead of http://site/products.php?pid=12

    I can set up the rewrite rules for the likes of above in a .htaccess file and it works well but I was reading on a blog that I should also prevent direct access to the .php scripts and only allow access through the clean URLs.

    What I did was to check in the php for the REQUEST_URI and allow or deny access based on that. I was basically checking if the uri ended in .php (direct access) and allowing or denying based on that.

    I'd just like to know if this is an acceptable way of doing things or if I'm missing something and should be doing it in a better way.

    Thanks,

    Baz.


Comments

  • Options
    #2
    Sully
    Moderators, Education Moderators, Technology & Internet Moderators, Regional South East Moderators Posts: 24,056 Mod ✭✭✭✭Sully


    Do a search, I posted up a solution on this a few weeks ago. :)


  • Options
    #3
    [Deleted User]
    Posts: 0 [Deleted User]


    Thanks Sully, I think we are doing slightly different things but I think I got a few ideas from looking at your .htaccess

    I was initially looking to send a 301 back to anyone who tried to access the php directly but now I think I'll use one of the tricks from your one to send them to a relevant base, depending on where they are poking around in.

    Cheers! :)


Advertisement