Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Amplify - How to prevent access to files on a static website under /assets/php/ ?

0

I am currently hosting a static website on Amplify and so far everything is great however I am trying to prevent public access to the php folder I am using for certain scripts but the rewrite redirect rules are not working and I am able to access /assets/php/ by typing up the files in the URL. This is what I currently have:

Source addressTarget addressTypeCountry code
/assets/php//index.html404 (Redirect)-

As a test, since I don't have a 404 page yet, I am trying to just redirect to the main page but it's not working.

Any help is deeply appreciated.

Thanks.

Temas
Web y móvil front-end
Etiquetas
AWS Amplify
Idioma
English
Axel Pina
preguntada hace un año527 visualizaciones
2 Respuestas
1
Respuesta aceptada

Here, you are using " 404(Redirect) " which means redirects will occur only when a request points to an address that doesn’t exist due to " user enters a bad URL " or " the website does not exist ". However, in your case you are able to access the path " /assets/php/ ". So, you can use either Permanent redirect (301) or Temporary redirect (302) to avoid accessing the path " /assets/php/ " and redirecting it to "index.html"

For more detailed information on redirects and rewrites, please follow below AWS documentation[+]:

     [+] https://docs.aws.amazon.com/amplify/latest/userguide/redirects.html#types-of-redirects

Thanks!

AWS
INGENIERO DE SOPORTE
rePost-User-0836548
respondido hace un año
profile picture
EXPERTO
Oleksii Bebych
revisado hace un mes
profile picture
EXPERTO
Giovanni Lauria
revisado hace 3 meses
0

Amazon Amplify does not support PHP out of the box as it is designed for hosting static sites and single-page web applications. PHP is a server-side language and requires a server to interpret and execute it.

However, if you are using PHP files just as static files, you can control their access using the amplify.yml file. The amplify.yml file allows you to specify custom HTTP headers for your static files, such as security headers or caching headers.

As per your question, you want to prevent access to /assets/php/. AWS Amplify supports redirect and rewrite rules which you can use to control access to specific paths.

Here's how you can write a rule to redirect access from /assets/php/* to /index.html:


branch:
  master:
    redirects:
      - source: /assets/php/*
        target: /index.html
        status: '404-200'

This rule will match any request to /assets/php/* and redirect it to /index.html with a status of 404-200 (which means "treat it as if it were a 404, but instead of showing an error, show this page").

If this is not working as expected, please ensure that your amplify.yml file is correctly placed and properly indented (YAML files are indentation-sensitive). Also, remember that you need to push these changes to your Amplify app using the Amplify CLI for them to take effect.

profile picture
EXPERTO
Sedat Salman
respondido hace un año
  • Axel Pina
    hace un año

    Thank you so much for your answer. In regards to the having to do it through the CLI is it an obligatory step or can I just change the amplify.yml through the console? Keep in mind this is a static website.

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante