I am using
RewriteEngine On
RewriteRule ^.*$ ./index.php
to redirect all my website traffic through index.php and let my php code get the request_uri and route each request accordingly.
I want to restrict access to all other files/directories except one that will contain the js files, css files, images etc.
I found that to do that I can use:
Order deny,allow
Deny from all
<Files index.php>
Order Allow,Deny
Allow from all
</Files>
and then have another .htaccess file inside the public directory to allow certain file types.
When I navigate to localhost/mysite/index.php it works fine since the index.php file is accessible.
But for any other url I get a 403, for example /mysite/home/ is forbidden even though I expected it to work normally.
What can I do get the expected behavior?
My full .htacces file is:
RewriteEngine On
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteRule ^.*$ ./index.php
Order deny,allow
Deny from all
<Files index.php>
Order Allow,Deny
Allow from all
</Files>
EDIT: The /public/.htaccess currently looks like this:
<Files ~ "\.(xml|css|jpe?g|png|gif|js|pdf)$">
Allow from all
</Files>
Try this code in /mysite/.htaccess
:
DirectoryIndex index.php
RewriteEngine On
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteRule ^ index.php [L]
RewriteRule !^(public/|index\.php) [NC,F]
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With