Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Amplify - How to prevent access to files on a static website under /assets/php/ ?

0

I am currently hosting a static website on Amplify and so far everything is great however I am trying to prevent public access to the php folder I am using for certain scripts but the rewrite redirect rules are not working and I am able to access /assets/php/ by typing up the files in the URL. This is what I currently have:

Source addressTarget addressTypeCountry code
/assets/php//index.html404 (Redirect)-

As a test, since I don't have a 404 page yet, I am trying to just redirect to the main page but it's not working.

Any help is deeply appreciated.

Thanks.

Themen
Frontend-Web & Mobile
Tags
AWS Amplify
Sprache
English
Axel Pina
gefragt vor einem Jahr525 Aufrufe
2 Antworten
1
Akzeptierte Antwort

Here, you are using " 404(Redirect) " which means redirects will occur only when a request points to an address that doesn’t exist due to " user enters a bad URL " or " the website does not exist ". However, in your case you are able to access the path " /assets/php/ ". So, you can use either Permanent redirect (301) or Temporary redirect (302) to avoid accessing the path " /assets/php/ " and redirecting it to "index.html"

For more detailed information on redirects and rewrites, please follow below AWS documentation[+]:

     [+] https://docs.aws.amazon.com/amplify/latest/userguide/redirects.html#types-of-redirects

Thanks!

AWS
SUPPORT-TECHNIKER
rePost-User-0836548
beantwortet vor einem Jahr
profile picture
EXPERTE
Oleksii Bebych
überprüft vor einem Monat
profile picture
EXPERTE
Giovanni Lauria
überprüft vor 2 Monaten
0

Amazon Amplify does not support PHP out of the box as it is designed for hosting static sites and single-page web applications. PHP is a server-side language and requires a server to interpret and execute it.

However, if you are using PHP files just as static files, you can control their access using the amplify.yml file. The amplify.yml file allows you to specify custom HTTP headers for your static files, such as security headers or caching headers.

As per your question, you want to prevent access to /assets/php/. AWS Amplify supports redirect and rewrite rules which you can use to control access to specific paths.

Here's how you can write a rule to redirect access from /assets/php/* to /index.html:


branch:
  master:
    redirects:
      - source: /assets/php/*
        target: /index.html
        status: '404-200'

This rule will match any request to /assets/php/* and redirect it to /index.html with a status of 404-200 (which means "treat it as if it were a 404, but instead of showing an error, show this page").

If this is not working as expected, please ensure that your amplify.yml file is correctly placed and properly indented (YAML files are indentation-sensitive). Also, remember that you need to push these changes to your Amplify app using the Amplify CLI for them to take effect.

profile picture
EXPERTE
Sedat Salman
beantwortet vor einem Jahr
  • Axel Pina
    vor einem Jahr

    Thank you so much for your answer. In regards to the having to do it through the CLI is it an obligatory step or can I just change the amplify.yml through the console? Keep in mind this is a static website.

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt