.php and ajax script protection

Fix it!!

Postby richardk » Wed Dec 24, 2008 8:54 am

My mistake. Try (from thread #21000)
Code: Select all
Options +FollowSymLinks

RewriteEngine On

# Remove the .php from PHP files (only files
# that exist).
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteCond %{SCRIPT_FILENAME} -f
RewriteRule ^(.+)\.php$ /$1/ [R=301,L]

# Redirect  /<name to /<name>/ if a PHP file
# or directory exists.
RewriteCond %{DOCUMENT_ROOT}/$1.php -f [OR]
RewriteCond %{SCRIPT_FILENAME} -d
RewriteRule ^(.*[^/])$ /$1/ [R=301,L]

# Rewrite /<name>/ to /<name>.php if
# a PHP file exists and a directory does not.
RewriteCond %{DOCUMENT_ROOT}/$1.php -f
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteRule ^(.*[^/])/$ /$1.php [QSA,L]
richardk
 
Posts: 8800
Joined: Wed Dec 21, 2005 7:50 am

Previous

Return to Security with Mod_Rewrite

Who is online

Users browsing this forum: Google [Bot] and 1 guest

cron