如何使Apache仅在文件存在的情况下禁止该文件?

时间:2022-02-04 23:49:34

I've been working on this problem for a couple hours no, still with no resolution. In case you don't understand what I'm asking from the title, I'll elaborate. I'm trying to forbid access to certain stylesheets and scripts from Apache, but I only want it to throw the 403 error if the file doesn't exist.

我一直在研究这个问题几个小时没有,仍然没有解决方案。如果你不明白我在标题中提出的问题,我会详细说明。我试图禁止从Apache访问某些样式表和脚本,但我只希望它在文件不存在时抛出403错误。

Here's some examples of what I have tried:

这是我尝试过的一些例子:

RewriteCond %{REQUEST_FILENAME} -d
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule (admin|staff)-?[a-zA-Z1-9]*\.(css|js|php)(.map)?$ - [F,L,NC]

This didn't work for some strange reason, have no idea why.

这不是出于某些奇怪的原因,不知道为什么。

Also, before I continue on with more examples, I'll explain what I'm trying to achieve with the regex: I'm using versioning, so I can never be sure what comes after the admin and staff, so I'm using a optional character class. It only affects css, js and php extensions, as well as css.map extensions. By the way if your wondering why there is a dash in between the character class and the admin|staff part of the regex it's because my versioning tool seperates the date and the file name with a dash. Just in case this infomation will help you the versioning tool I am using is Laravel Elixir.

此外,在我继续更多示例之前,我将解释我正在尝试使用正则表达式实现的目标:我正在使用版本控制,因此我无法确定管理员和员工之后会发生什么,所以我正在使用一个可选的字符类。它只影响css,js和php扩展,以及css.map扩展。顺便说一句,如果你想知道为什么在正则表达式的字符类和admin | staff部分之间存在短划线,那是因为我的版本控制工具用破折号分隔日期和文件名。以防这个信息可以帮助您使用的版本工具是Laravel Elixir。

More Examples:

更多例子:

RewriteCond %{REQUEST_FILENAME} -d
RewriteCond %{REQUEST_FILENAME} -f
RewriteRedirect 403 (admin|staff)-?[a-zA-Z1-9]*\.(css|js|php)(.map)?$

RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRedirect 404 (admin|staff)-?[a-zA-Z1-9]*\.(css|js|php)(.map)?$

In this example whatever one you put first it call that error code.

在这个示例中,无论您放置哪个,它都会调用该错误代码。

I've even tried using the directive but it seems to be called even if the file doesn't exist.

我甚至尝试过使用该指令,但即使该文件不存在,它似乎也会被调用。

<FilesMatch "(admin|staff)-?[a-zA-Z1-9]*\.(css|js|php)(.map)?$">
    deny from all
</FilesMatch>

Thanks for any help you can provide, for some reason I can't seem to find anything on this sort of thing online!

感谢您提供的任何帮助,出于某种原因,我似乎无法在网上找到任何关于此类事情的内容!

Edit:

Covenor wanted some examples so here they are:

Covenor想要一些例子,所以他们在这里:

  • /anydirectory/admin-12d16m4.css

    /anydirectory/admin-12d16m4.css

  • /anydirectory/staff.js

    /anydirectory/staff.js

  • anydirectory/admin.php

    anydirectory / admin.php的

Edit 2:

Thanks to Covenor, I've partially fixed my problem. Here's my code now:

感谢Covenor,我已经部分修复了我的问题。这是我现在的代码:

RewriteCond %{REQUEST_FILENAME} -f
RewriteRule (admin|staff)-?[a-zA-Z1-9]*\.(css|js|php)(.map)?$ - [F,L,NC]

This works, for files like admin.css, admin.js, admin.css.map, but as soon as I implement the versioned files it doesn't hide them. Here's an example of a versioned file name: app-968b520079.css . It isn't hiding it even though I can't find a problem in my regex.

这适用于admin.css,admin.js,admin.css.map等文件,但是一旦我实现版本化文件,它就不会隐藏它们。以下是版本化文件名的示例:app-968b520079.css。即使我在我的正则表达式中找不到问题,它也没有隐藏它。

Thanks for any more help.

感谢您提供更多帮助。

Final:

Thanks to everyone that has helped, the issue has been fully resolved. For anyone who wants to know the exact code I used, here it is:

感谢所有帮助过的人,问题已得到彻底解决。对于想要了解我使用的确切代码的人来说,这里是:

RewriteCond %{REQUEST_FILENAME} -f
RewriteRule (admin|staff)-?[A-Za-z0-9]*(.min)?(?(-1)(css|js)|(css.map|css|js|php))$ - [F,L,NC]

P.S, I'm not sure who to give the bounty to, so whoever gets the most votes will get the bounty.

P.S,我不确定是谁给予赏金,所以获得最多选票的人将得到赏金。

2 个解决方案

#1


4  

There are two reasons why it's not matching app-968b520079.css

有两个原因导致它与app-968b520079.css不匹配

The first is the "app" bit, which is not contained in the

第一个是“app”位,它不包含在

(admin|staff)

(管理员|职员)

at the beginning of your regex.

在正则表达式的开头。

You should change that to

你应该改变它

(admin|staff|app)

(管理员|人员|应用)

if you want to match anything starting with "app-".

如果你想匹配任何以“app-”开头的东西。

The second is the fact that the 968b520079 contains two zeros, and you're testing for

第二个事实是968b520079包含两个零,你正在测试

[a-zA-Z1-9]

[A-ZA-Z1-9]

which means: a to z, A to Z and 1 to 9

这意味着:a到z,A到Z和1到9

You should test for 0 to 9, change it to

您应该测试0到9,将其更改为

[a-zA-Z0-9]

[A-ZA-Z0-9]

and your regex shoud work just fine.

你的正则表达式工作得很好。

#2


2  

Your first "what I tried" example only matches when the translated URL is simultaneously a directory and a file, which is never true. You need [OR] to join the two conditions or drop the -d condition completely (due to your regex matching things that would commonly be files not directories)

您的第一个“我尝试过的”示例仅在翻译的URL同时是目录和文件时匹配,这是永远不会的。您需要[OR]加入这两个条件或完全删除-d条件(由于您的正则表达式匹配通常不是文件而不是目录的东西)

RewriteCond %{REQUEST_FILENAME} -f
RewriteRule 403 (admin|staff)-?[a-zA-Z1-9]*\.(css|js|php)(.map)?$

#1


4  

There are two reasons why it's not matching app-968b520079.css

有两个原因导致它与app-968b520079.css不匹配

The first is the "app" bit, which is not contained in the

第一个是“app”位,它不包含在

(admin|staff)

(管理员|职员)

at the beginning of your regex.

在正则表达式的开头。

You should change that to

你应该改变它

(admin|staff|app)

(管理员|人员|应用)

if you want to match anything starting with "app-".

如果你想匹配任何以“app-”开头的东西。

The second is the fact that the 968b520079 contains two zeros, and you're testing for

第二个事实是968b520079包含两个零,你正在测试

[a-zA-Z1-9]

[A-ZA-Z1-9]

which means: a to z, A to Z and 1 to 9

这意味着:a到z,A到Z和1到9

You should test for 0 to 9, change it to

您应该测试0到9,将其更改为

[a-zA-Z0-9]

[A-ZA-Z0-9]

and your regex shoud work just fine.

你的正则表达式工作得很好。

#2


2  

Your first "what I tried" example only matches when the translated URL is simultaneously a directory and a file, which is never true. You need [OR] to join the two conditions or drop the -d condition completely (due to your regex matching things that would commonly be files not directories)

您的第一个“我尝试过的”示例仅在翻译的URL同时是目录和文件时匹配,这是永远不会的。您需要[OR]加入这两个条件或完全删除-d条件(由于您的正则表达式匹配通常不是文件而不是目录的东西)

RewriteCond %{REQUEST_FILENAME} -f
RewriteRule 403 (admin|staff)-?[a-zA-Z1-9]*\.(css|js|php)(.map)?$