[nycphp-talk] htaccess & php
Michele Waldman
mmwaldman at nyc.rr.com
Fri Nov 28 15:31:27 EST 2008
They aren't in my webroot.
_____
From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org] On
Behalf Of Elijah Insua
Sent: Friday, November 28, 2008 3:05 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] htaccess & php
if you really want to remove the possibility of people hitting these php's
you should
move them out of your webroot.
On Fri, Nov 28, 2008 at 3:02 PM, Michele Waldman <mmwaldman at nyc.rr.com>
wrote:
This is not working for me
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mydomain\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ /image/nolink.jpg [L]
RewriteRule .file1\.php(\?*)?$ stub.php [L]
RewriteRule .type1_*\.php(\?*)?$ stub.php [L]
All of the php files are referred to in the html as:
Src="../../file1.php" or
Src="../../type1_file2.php?arg1=blah
In the case of file1, I'm just getting the stub.php
In the case of type1_file2.php the file is being call. I think because my
string didn't match.
I'm trying to lock out remote call to the php files.
Michele
_______________________________________________
New York PHP User Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
http://www.nyphp.org/show_participation.php
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20081128/1ce63f68/attachment.html>
More information about the talk
mailing list