0

For example: www.example.com/about.php

I don't want the files with the extension .php to be available to reach, display a 404 page instead.

I have the files in the root folder: content.php about.php footer.php etc... Now i can reach these files by typing in to the adress bar. I want to restrict this.

How can i do that?

Wim Coenen
  • 66,094
  • 13
  • 157
  • 251
Maxxon
  • 303
  • 2
  • 3
  • 10
  • See my post below. Mod rewrite is not required (nor is it the best solution) for something this simple. – El Yobo Nov 29 '10 at 04:25

2 Answers2

6

A better approach that avoids the overhead and complexity of mod_rewrite is to simply not put files you don't want reached by url in the root folder. You can just put them somewhere else and include them from there; simple and (more) secure, but for some reason this doesn't seem to be common knowledge.

An example structure might be

project/
project/root
project/lib

Your public code (e.g. index.php) would live in project/root, and that would be the website root. Your included code would live in project/lib can be easily included using require, include, etc.

No mod_rewrite. Very simple.

El Yobo
  • 14,823
  • 5
  • 60
  • 78
  • 1
    Yeah, but this way I can still access those files. – Maxxon Nov 29 '10 at 04:27
  • Ah, if you use mod_rewrite you *won't* be able to access the files via URL, that's the point. In either approach you will still be able to edit the files using an editor, which is the only way you need to access them. – El Yobo Nov 29 '10 at 04:38
  • I implemented El Yobo's solution on my site. I placed all of my includes in a `/pages` directory and then added `RewriteRule ^pages/(.*)$ /404 [R=301,L]` to kick out people trying to access the includes directly. – Paul May 07 '12 at 02:27
0
RewriteRule \.php$ /path/to/page/404.html
zerkms
  • 249,484
  • 69
  • 436
  • 539