Hello! 欢迎来到盒子萌!

Whmcs下Apache和 Nginx伪静态规则和防模板下载规则


avatar
嘉木 2014-08-06 31

大部分人安装使用了鳄鱼的WHMCS主机是apache驱动,所以默认whmcs安装包里已经存在了伪静态规则,但是鳄鱼主机没有关闭目录浏览所以会暴露没有index.*文件的目录,同时这几天有几位客户也咨询了nginx的伪静态,这里也就分享下

Whmcs For Apache 伪静态 文件.htaccess

RewriteEngine On
# 公告伪静态
RewriteRule ^announcements/([0-9]+)/[a-z0-9_-]+\.html$ ./announcements.php?id=$1 [L,NC]
RewriteRule ^announcements$ ./announcements.php [L,NC]
# 下载伪静态
RewriteRule ^downloads/([0-9]+)/([^/]*)$ ./downloads.php?action=displaycat&catid=$1 [L,NC]
RewriteRule ^downloads$ ./downloads.php [L,NC]
# 知识库伪静态
RewriteRule ^knowledgebase/([0-9]+)/[a-z0-9_-]+\.html$ ./knowledgebase.php?action=displayarticle&id=$1 [L,NC]
RewriteRule ^knowledgebase/([0-9]+)/([^/]*)$ ./knowledgebase.php?action=displaycat&catid=$1 [L,NC]
RewriteRule ^knowledgebase$ ./knowledgebase.php [L,NC]
# 防止目录暴露禁止TPL INC CFG文件被下载
Options -Indexes
< 去掉Limit GET POST>
order deny,allow
deny from all
allow from all
< 去掉/Limit>
< 去掉Limit PUT DELETE>
order deny,allow
deny from all
< 去掉/Limit>
< 去掉Files ~ "\.(tpl|inc|cfg)$">
order deny,allow
deny from all
< 去掉/files>

Whmcs For Nginx 伪静态

# 公告伪静态
rewrite ^/announcements/([0-9]+)/[a-z0-9_-]+.html$ /./announcements.php?id=$1 last;
rewrite ^/announcements$ /./announcements.php last;
# 下载伪静态
rewrite ^/downloads/([0-9]+)/([^/]*)$ /./downloads.php?action=displaycat&catid=$1 last;
rewrite ^/downloads$ /./downloads.php last;
# 知识库伪静态
rewrite ^/knowledgebase/([0-9]+)/[a-z0-9_-]+.html$ /./knowledgebase.php?action=displayarticle&id=$1 last;
rewrite ^/knowledgebase/([0-9]+)/([^/]*)$ /./knowledgebase.php?action=displaycat&catid=$1 last;
rewrite ^/knowledgebase$ /./knowledgebase.php last;
# 防止tpl inc cfg文件被下载
location ~* \.(tpl|inc|cfg)$ {
deny all; }

暂无评论

发表评论