最後更新: 2024-02-01
目錄
AllowOverride
Types of directives that are allowed in .htaccess files
* AllowOverride is valid only in <Directory> sections specified without regular expressions
Context: directory
directive-type:
- All
- None
-
AuthConfig
(AuthGroupFile, AuthName, AuthType, AuthUserFile, Require, etc.) -
FileInfo
(document types, document meta data, mod_rewrite, mod_alias, mod_actions ...) - Indexes ( DirectoryIndex ... )
- Limit (Allow, Deny, Order ...)
- Options (Options, SSLOptions ... )
Example:
# 可以自行設定 rewrite
<Directory /var/www/html> AllowOverride FileInfo </Directory>
List
For a stricter approach
set "AllowOverride None" and use AllowOverrideList to specify the exact list of directives that .htaccess users are allowed to use.
AllowOverrideList
Individual directives that are allowed in .htaccess files
* AllowOverrideList is valid only in <Directory> sections specified without regular expressions
Example:
# Only the Redirect and RedirectMatch directives are allowed
AllowOverride None
AllowOverrideList Redirect RedirectMatch
# Allow mod_rewrite only
AllowOverride None AllowOverrideList RewriteEngine \ RewriteBase \ RewriteCond \ RewriteRule \ RewriteOptions
Override "require valid user" in .htaccess
在 .htaccess 加入 # 用 satisfy 實現
Allow from all satisfy any