- Code: Select all
RewriteCond %{SCRIPT_FILENAME}\.php -f
RewriteRule ^(.*)$ /index/$1.php [S=1]
RewriteConds here...
...
RewriteRule !^(media|skin|js)(/.*)?$ /index.php [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},QSA,L]
This is letting me use the desired links www.mysite.com/terms and Magento's www.mysite.com/checkout/cart/. The links hide /index and /index.php respectively.
What next?
1- Rewrite the first condition to include: The php file must be in the root directory for this rule to succeed.
2- Verify that these rules hold so that no php files in any folders can be directly accessed.
I think that will finally be a secure configuration. I hope any experts can help me out on this.
Many Thanks.