I have some pages that I don't want users to be able to access directly.
我有一些页面,我不希望用户能够直接访问。
I have this function I came up with which works:
我有这个功能,我提出了哪些工作:
function prevent_direct_access()
{
if($_SERVER['REQUEST_URI'] == $_SERVER['PHP_SELF'])
{
//include_once('404.php');
header("Location: 404.php");
}
}
This does exactly what I want, the URL does not change but the content does. However I am wondering if there is something I need to add to tell search engines that this is a 404 and not to index it. keep in mind I do not want the URL to change though.
这正是我想要的,URL不会改变但内容会改变。但是我想知道是否有一些东西我需要添加来告诉搜索引擎这是一个404而不是索引它。请记住,我不希望URL改变。
Thanks!
4 个解决方案
#1
Don’t redirect but send the 404 status code:
不要重定向,但发送404状态代码:
header($_SERVER['SERVER_PROTOCOL'].' 404 Not Found', true, 404);
exit;
#2
for the search engines, if you return HTTP status 404 they should not index I believe. But you could always redirect to somewhere covered by a robots.txt
对于搜索引擎,如果你返回HTTP状态404,他们不应该索引我相信。但是你总是可以重定向到robots.txt覆盖的某个地方
#3
Just to clarify:
只是为了澄清:
- You have some PHP that you want available to other PHP programs on the system
- You do not want anybody accessing it except by running one of the other PHP programs
您有一些PHP可用于系统上的其他PHP程序
除了运行其他PHP程序之外,您不希望任何人访问它
(i.e. "direct" doesn't mean "except by following a link from another page on this site")
(即“直接”并不意味着“除非通过本网站上另一页的链接”)
Just keep the PHP file outside the webroot. That way it won't have a URL in the first place.
只需将PHP文件保留在webroot之外。这样它首先就没有URL。
#4
To ensure Search Engines don't index it, use a header() command to send a 404 lke this;
要确保搜索引擎不对其进行索引,请使用header()命令发送404 lke this;
header("HTTP/1.0 404 Not Found");
Or put all such files in one folder, "includes" say, and add a "Deny /includes/" into your robots.txt file. This way, you can also add a ".htaccess" file in the same directory with one line - "Deny From All" - this will tell Apache to block access (if apache is configured properly), for another layer of security.
或者将所有这些文件放在一个文件夹中,“包括”说,然后在robots.txt文件中添加“拒绝/包含/”。这样,您还可以在同一目录中添加一个“.htaccess”文件,其中包含一行 - “全部拒绝” - 这将告诉Apache阻止访问(如果apache配置正确),这是另一层安全性。
#1
Don’t redirect but send the 404 status code:
不要重定向,但发送404状态代码:
header($_SERVER['SERVER_PROTOCOL'].' 404 Not Found', true, 404);
exit;
#2
for the search engines, if you return HTTP status 404 they should not index I believe. But you could always redirect to somewhere covered by a robots.txt
对于搜索引擎,如果你返回HTTP状态404,他们不应该索引我相信。但是你总是可以重定向到robots.txt覆盖的某个地方
#3
Just to clarify:
只是为了澄清:
- You have some PHP that you want available to other PHP programs on the system
- You do not want anybody accessing it except by running one of the other PHP programs
您有一些PHP可用于系统上的其他PHP程序
除了运行其他PHP程序之外,您不希望任何人访问它
(i.e. "direct" doesn't mean "except by following a link from another page on this site")
(即“直接”并不意味着“除非通过本网站上另一页的链接”)
Just keep the PHP file outside the webroot. That way it won't have a URL in the first place.
只需将PHP文件保留在webroot之外。这样它首先就没有URL。
#4
To ensure Search Engines don't index it, use a header() command to send a 404 lke this;
要确保搜索引擎不对其进行索引,请使用header()命令发送404 lke this;
header("HTTP/1.0 404 Not Found");
Or put all such files in one folder, "includes" say, and add a "Deny /includes/" into your robots.txt file. This way, you can also add a ".htaccess" file in the same directory with one line - "Deny From All" - this will tell Apache to block access (if apache is configured properly), for another layer of security.
或者将所有这些文件放在一个文件夹中,“包括”说,然后在robots.txt文件中添加“拒绝/包含/”。这样,您还可以在同一目录中添加一个“.htaccess”文件,其中包含一行 - “全部拒绝” - 这将告诉Apache阻止访问(如果apache配置正确),这是另一层安全性。