我目前拒绝访问所有子目录和文件,但文件除外 /var/www/subdir/file.php
<Directory /var/www/*>
Allow from None
Order allow,deny
</Directory>
<Location /subdir/file.php>
Order allow,deny
allow from all
</Location>
我该如何使用 保护此文件htpasswd?我尝试了以下语法,但没有效果:
<Directory /var/www/*>
Allow from None
Order allow,deny
</Directory>
<Location /subdir/file.php>
Order allow,deny
allow from all
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /var/www/private_html/passwords/allowed-users
Require user me
</Location>
编辑
这是我的整个httpd.conf文件
<Directory /var/www/public_html/*>
Allow from None
Order allow,deny
</Directory>
<Location /hello1.php>
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /var/www/private_html/passwords/allowed-users
Require user me
SetEnvIf Request_URI "(/hello1.php)$" allow
Order allow,deny
Allow from env=allow
Satisfy any
</Location>
答案1
<FilesMatch "^(?!protected\.html)$">
deny from all
</FilesMatch>
<Files "protected.html">
AuthName "Username and password required"
AuthUserFile /www/sites/testcase.com/.htpasswd
Require valid-user
AuthType Basic
</Files>
除了有问题的文件之外,您将被禁止访问其他所有内容。但是当您尝试访问 protected.html 或任何您想要的名称时,它会为您提供一个基本的身份验证对话框。
答案2
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /home/path/.htpasswd
AuthGroupFile /dev/null
Require valid-user
SetEnvIf Request_URI "(path/to/file\.php)$" allow
Order allow,deny
Allow from env=allow
Satisfy any
你可以将以上内容放入你的 .htaccess 文件中
答案3
尝试通过 IP 地址拒绝访问。这应该可以解决 问题satisfy any,但 不允许访问satisfy all。
<Location /subdir/file.php>
Order allow,deny
deny from all
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /var/www/private_html/passwords/allowed-users
Require valid-user
</Location>
或者尝试使用满足任何要求来自不受信任地址的密码。
<Location /subdir/file.php>
Order allow,deny
allow from 127.0.0.1
deny from all
satisfy any
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /var/www/private_html/passwords/allowed-users
Require user me
</Location>
检查错误日志,看看是否有任何内容记录在那里。我在一些指令错误的情况下找到了解决方案。