EllisLab text mark
Advanced Search
3 of 3
3
   
Super .htaccess file
Posted: 05 February 2009 06:25 PM   [ # 31 ]   [ Rating: 0 ]
Avatar
Joined: 2008-07-16
411 posts

I don’t think it is good to split up a system into more than two directories (CI system and your appplication) because they both are different. You should never touch the system dir so you can just keep it setup on SVN updates. But the app directory could be moved around to any CI install without any trouble.

Anyway, with Apache setup right - I don’t know why people are so worried about having PHP files in the open - no one can get to them - we don’t even need “index.html” or “if(!defined)” checks.

 Signature 

My Blog, C2D, PHP Videos, Résumé, Super .htaccess, Extra hooks, and MicroMVC

 
Posted: 13 April 2009 06:27 PM   [ # 32 ]   [ Rating: 0 ]
Avatar
Joined: 2008-07-16
411 posts

I was just going over this file when I realized that it can be improved.

# If the file is NOT the index.php file
RewriteCond %{REQUEST_FILENAME} !index.php
# Hide all PHP files so none can be accessed by HTTP
RewriteRule (.*)\.phpindex.php?/$1

# If the file/dir is not real
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond 
%{REQUEST_FILENAME} !-d

RewriteRule 
^(.*)$ index.php?/$1 [QSA,L] 

Shouldn’t we be able to check to see if it has a PHP extension instead of just point everything to the index.php file?

# If the file/dir is not real
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond 
%{REQUEST_FILENAME} !-d

# Hide all PHP files so none can be accessed by HTTP
# If they are accessing a PHP file 
RewriteCond %{REQUEST_FILENAME}\.php -f

RewriteRule 
^(.*)$ index.php?/$1 [QSA,L] 

Is this the right way to do it?

 Signature 

My Blog, C2D, PHP Videos, Résumé, Super .htaccess, Extra hooks, and MicroMVC

 
3 of 3
3