web根目录下.htaccess
写道
Options +FollowSymLinks
IndexIgnore */*
RewriteEngine on
# if a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# otherwise forward it to index.php
RewriteRule . index.php
# Block access to backup and source files
# These files may be left by some text/html editors and
# pose a great security danger, when someone can access them
<FilesMatch "(\.(bak|bat|config|sql|fla|md|psd|ini|log|sh|inc|swp|dist)|~|init|composer\.json|composer\.lock)$">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
# Block access to "hidden" directories whose names begin with a period. This
# includes directories used by version control systems such as Subversion or Git.
<IfModule mod_rewrite.c>
RewriteCond %{SCRIPT_FILENAME} -d
RewriteCond %{SCRIPT_FILENAME} -f
RewriteRule "(^|/)\." - [F]
</IfModule>
# "-Indexes" will have Apache block users from browsing folders without a default document
# Usually you should leave this activated, because you shouldn't allow everybody to surf through
# every folder on your server (which includes rather private places like CMS system folders).
<IfModule mod_autoindex.c>
Options -Indexes
</IfModule>
Header always add X-Frame-Options SAMEORIGIN
Header always add Content-Security-Policy "default-src 'self';script-src 'unsafe-inline' 'self';style-src 'unsafe-inline' 'unsafe-eval' 'self';img-src 'self';connect-src 'self'"
IndexIgnore */*
RewriteEngine on
# if a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# otherwise forward it to index.php
RewriteRule . index.php
# Block access to backup and source files
# These files may be left by some text/html editors and
# pose a great security danger, when someone can access them
<FilesMatch "(\.(bak|bat|config|sql|fla|md|psd|ini|log|sh|inc|swp|dist)|~|init|composer\.json|composer\.lock)$">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
# Block access to "hidden" directories whose names begin with a period. This
# includes directories used by version control systems such as Subversion or Git.
<IfModule mod_rewrite.c>
RewriteCond %{SCRIPT_FILENAME} -d
RewriteCond %{SCRIPT_FILENAME} -f
RewriteRule "(^|/)\." - [F]
</IfModule>
# "-Indexes" will have Apache block users from browsing folders without a default document
# Usually you should leave this activated, because you shouldn't allow everybody to surf through
# every folder on your server (which includes rather private places like CMS system folders).
<IfModule mod_autoindex.c>
Options -Indexes
</IfModule>
Header always add X-Frame-Options SAMEORIGIN
Header always add Content-Security-Policy "default-src 'self';script-src 'unsafe-inline' 'self';style-src 'unsafe-inline' 'unsafe-eval' 'self';img-src 'self';connect-src 'self'"
然后protected和每个views目录加入.htaccess内容如下
写道
deny from all
上传目录加入.htaccess内容如下
写道
Options None
<FilesMatch "\.(php|php?|phtml)">
Order Allow,Deny
Deny from all
</FilesMatch>
<FilesMatch "\.(php|php?|phtml)">
Order Allow,Deny
Deny from all
</FilesMatch>
相关推荐
很好用yii框架很好用yii框架很好用yii框架很好用yii框架很好用yii框架很好用yii框架很好用yii框架很好用yii框架很好用yii框架很好用yii框架很好用yii框架很好用yii框架很好用yii框架
Yii2.0级基于Yii1.X完全重写的,不仅是小版本升级的升级。所以想要系统学习Yii2.0这个框架这套教程可以从实战项目带你入手。不错的学习YII框架的基础课程,电商系统的结构完整、框架资源太大,传百度网盘了,链接在...
《深入理解Yii2.0》是一本干货。主要讲解Yii2.0及所代表的最新一代Web开发框架的新特性、新技术、新理念、新模式。 采用的方式是分析框架的源代码,尝试从根上进行理解和阐述,并融入个人使用Yii开发的一些经验和...
Yii采用严格的OOP编写,并有着完善的库引用以及全面的教程。从 MVC,DAO/ActiveRecord,widgets,caching,等级式RBAC,Web服务,到主题化,I18N和L10N,Yii提供了今日Web 2.0应用开发所需要的几乎一切功能。事实上...
yii1.1.10 开发包(包含yii权威指南以及yii博客例子讲解)
Yii权威指南思维导图 yii类结构 类导图 权威指南
Yii 是什么 Yii 是一个基于组件、用于开发大型 Web 应用的高性能 PHP 框架。它将 Web 编程中的可重用性发挥到极致,能够显著加速开发进程。Yii(读作“易”)代表简单(easy)、高效(efficient)、可扩展(extensible)。...
yii框架中文手册教程和YII模板 我很辛苦才找到的
Yii Framework 2 (Yii2) is the successor to the popular Yii framework. Like its successor, Yii2 is an open source, high-performance rapid development framework designed to create modern, scalable, ...
Yii2参考手册,Yii2中文手册完整版
YII 多种缓存机制的运用 如文件缓存内存缓存 动态缓存等
刚下载的yii2,新下载的yii2
yii框架yii框架yii框架yii框架yii框架yii框架yii框架yii框架yii框架yii框架yii框架yii框架yii框架yii框架yii框架yii框架yii框架yii框架
yii1.1中文文档 yii框架中文手册教程.pdf
yii framework框架 + yii app模板(基本、高级)
Yii Yii框架 Yii框架快速入门,自己整理的很全的,很容易看懂
yii2 创建表单 笔记
Yii是一个全栈式的MVC框架,所谓全栈式指的是Yii框架本身实现了web开发中所要用到的所有功能,比如MVC,ORM(DAO/ActiveRecord), 全球化(I18N/L10N), 缓存(caching), 基于jQuery Ajax支持(jQuery-based AJAX support), ...
yii-1.1.8.r3324
yii的小部件使用的总结,快速生成增删改查,感觉不同的需求进行逻辑修改!