En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Amplify - How to prevent access to files on a static website under /assets/php/ ?

0

I am currently hosting a static website on Amplify and so far everything is great however I am trying to prevent public access to the php folder I am using for certain scripts but the rewrite redirect rules are not working and I am able to access /assets/php/ by typing up the files in the URL. This is what I currently have:

Source addressTarget addressTypeCountry code
/assets/php//index.html404 (Redirect)-

As a test, since I don't have a 404 page yet, I am trying to just redirect to the main page but it's not working.

Any help is deeply appreciated.

Thanks.

Sujets
Web et mobile front-end
Balises
AWS Amplify
Langue
English
Axel Pina
demandé il y a un an525 vues
2 réponses
1
Réponse acceptée

Here, you are using " 404(Redirect) " which means redirects will occur only when a request points to an address that doesn’t exist due to " user enters a bad URL " or " the website does not exist ". However, in your case you are able to access the path " /assets/php/ ". So, you can use either Permanent redirect (301) or Temporary redirect (302) to avoid accessing the path " /assets/php/ " and redirecting it to "index.html"

For more detailed information on redirects and rewrites, please follow below AWS documentation[+]:

     [+] https://docs.aws.amazon.com/amplify/latest/userguide/redirects.html#types-of-redirects

Thanks!

AWS
INGÉNIEUR EN ASSISTANCE TECHNIQUE
rePost-User-0836548
répondu il y a un an
profile picture
EXPERT
Oleksii Bebych
vérifié il y a un mois
profile picture
EXPERT
Giovanni Lauria
vérifié il y a 2 mois
0

Amazon Amplify does not support PHP out of the box as it is designed for hosting static sites and single-page web applications. PHP is a server-side language and requires a server to interpret and execute it.

However, if you are using PHP files just as static files, you can control their access using the amplify.yml file. The amplify.yml file allows you to specify custom HTTP headers for your static files, such as security headers or caching headers.

As per your question, you want to prevent access to /assets/php/. AWS Amplify supports redirect and rewrite rules which you can use to control access to specific paths.

Here's how you can write a rule to redirect access from /assets/php/* to /index.html:


branch:
  master:
    redirects:
      - source: /assets/php/*
        target: /index.html
        status: '404-200'

This rule will match any request to /assets/php/* and redirect it to /index.html with a status of 404-200 (which means "treat it as if it were a 404, but instead of showing an error, show this page").

If this is not working as expected, please ensure that your amplify.yml file is correctly placed and properly indented (YAML files are indentation-sensitive). Also, remember that you need to push these changes to your Amplify app using the Amplify CLI for them to take effect.

profile picture
EXPERT
Sedat Salman
répondu il y a un an
  • Axel Pina
    il y a un an

    Thank you so much for your answer. In regards to the having to do it through the CLI is it an obligatory step or can I just change the amplify.yml through the console? Keep in mind this is a static website.

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents