CODEWITHSUNDEEP
.htaccesscodeigniter
Afshin
Afshin

Reputation: 2437

Block direct access to all the php files except some of them in codeigniter

I want to install another script beside Codeigniter in my server. The problem is that Codeigniter by default contains a .htaccess file which has got the code below to prevent direct access to php files:

# Hide all PHP files so none can be accessed by HTTP
RewriteRule (.*)\.php$ index.php/$1

How can I add some exceptions to this code?! If my PHP file is in another folder than the folder which .htaccess is located, how should I have an exception for that?!

My Whole code looks like:

# set it to +Indexes
Options -Indexes

Options SymLinksIfOwnerMatch

# Set the default file for indexes
DirectoryIndex index.php

<IfModule mod_rewrite.c>
    # mod_rewrite rules
    RewriteEngine on

    # If the file is NOT the index.php file
    RewriteCond %{REQUEST_FILENAME} !index.php
    # Hide all PHP files so none can be accessed by HTTP
    RewriteRule (.*)\.php$ index.php/$1

    # If the file/dir is NOT real go to index
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ index.php/$1 [QSA,L]

</IfModule>

# If Mod_ewrite is NOT installed go to index.php
<IfModule !mod_rewrite.c>
    ErrorDocument 404 index.php
</IfModule>

Upvotes: 3

Views: 2973

Answers (2)

cartalot
cartalot

Reputation: 3148

this might help - put your codeigniter folders one level up, above the html files. i'm going to show this by also renaming the ci folders slightly

 /               /html/site files are here
/applicationbeta/html/
/systemci2      /html/

in the site files, make a folder, for example 'website' put your codeigniter index.php file in it put any of your assets like css and js in it

              /html/website/index.php 
              /html/website/assets/

then in your index.php file change the path to your system and application folders i've renamed them to show how easy it is to make different versions 

$system_path = '../../systemci2'; 
$application_folder = '../../applicationbeta';

put a base url config in index.php -- that will deal with the website folder and will make all your links correct.

$assign_to_config['base_url'] = 'http://domain.com/website/';

the htaccess file in the folder website should contain a line like 

RewriteRule ^(.*)$ /website/index.php/$1 [L]

Many many advantages to doing it this way. INCLUDING -- not having to worry about base_url() settings for development versus deployment servers.

i just scanned a long tutorial on how to dynamically set base_url with lots of code. But if you just set it in the index.php file - you never have to worry about it - because the index.php file location - never changes!

Upvotes: 0

anubhava
anubhava

Reputation: 784998

Add another exclude condition like this:

# If the request is not from /some-folder/
RewriteCond %{REQUEST_URI} !^/some-folder/ [NC]
# If the file is NOT the index.php file
RewriteCond %{REQUEST_FILENAME} !index.php
# Hide all PHP files so none can be accessed by HTTP
RewriteRule ^(.*)\.php$ index.php/$1 [L,NC]

Upvotes: 2

Related Questions