Using RewriteEngine or PHP to prevent users bypassing CMS

Need help installing PHP, configuring a script, or configuring a server? Then come on in and post your questions! We'll try to help the best we can!

Moderator: General Moderators

Post Reply
kaubster
Forum Newbie
Posts: 1
Joined: Thu Jul 05, 2007 11:22 am

Using RewriteEngine or PHP to prevent users bypassing CMS

Post by kaubster »

I would like the prevent users from bypassing my CMS to look at the HTML files directly.

I want to force users to use PostNuke:
Example: http://domain/page.php?url=/directory/content.html

Then block users from simply entering:
http://domain/directory/content.html

How should I go about doing this?

Could there be some sort of slick RewriteEngine redirect or PHP option?
User avatar
JellyFish
DevNet Resident
Posts: 1361
Joined: Tue Feb 14, 2006 7:18 pm
Location: San Diego, CA

Post by JellyFish »

I'm currently designing a site the same way. How I'd go about it would be setting a constant in the index php page, then checking if that constant exits in the page you want to include. If it does then follow the flow of the page and if it doesn't then send a location header that redirects the user to http:domain.com/?url=domain/etc.

But then this would require you to change you page from content.html to content.php.
User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Post by Ambush Commander »

I would probably go about this by using Deny from all and then <File {php file from here}> with an Allow from all. Look in to Apache's directives: mod_rewrite is not necessary for this.

Although it might be cooler to use some mod_rewrite fu to make http://domain/directory/content.html direct to the PHP script.
Post Reply