使用 AWS re:Post 即表示您同意 AWS re:Post 使用條款
AWS re:Postre:Post

Amplify - How to prevent access to files on a static website under /assets/php/ ?

0

I am currently hosting a static website on Amplify and so far everything is great however I am trying to prevent public access to the php folder I am using for certain scripts but the rewrite redirect rules are not working and I am able to access /assets/php/ by typing up the files in the URL. This is what I currently have:

Source addressTarget addressTypeCountry code
/assets/php//index.html404 (Redirect)-

As a test, since I don't have a 404 page yet, I am trying to just redirect to the main page but it's not working.

Any help is deeply appreciated.

Thanks.

主題
前端網頁與行動裝置
標籤
AWS Amplify
語言
English
Axel Pina
已提問 1 年前檢視次數 527 次
2 個答案
1
已接受的答案

Here, you are using " 404(Redirect) " which means redirects will occur only when a request points to an address that doesn’t exist due to " user enters a bad URL " or " the website does not exist ". However, in your case you are able to access the path " /assets/php/ ". So, you can use either Permanent redirect (301) or Temporary redirect (302) to avoid accessing the path " /assets/php/ " and redirecting it to "index.html"

For more detailed information on redirects and rewrites, please follow below AWS documentation[+]:

     [+] https://docs.aws.amazon.com/amplify/latest/userguide/redirects.html#types-of-redirects

Thanks!

AWS
支援工程師
rePost-User-0836548
已回答 1 年前
profile picture
專家
Oleksii Bebych
已審閱 2 個月前
profile picture
專家
Giovanni Lauria
已審閱 3 個月前
0

Amazon Amplify does not support PHP out of the box as it is designed for hosting static sites and single-page web applications. PHP is a server-side language and requires a server to interpret and execute it.

However, if you are using PHP files just as static files, you can control their access using the amplify.yml file. The amplify.yml file allows you to specify custom HTTP headers for your static files, such as security headers or caching headers.

As per your question, you want to prevent access to /assets/php/. AWS Amplify supports redirect and rewrite rules which you can use to control access to specific paths.

Here's how you can write a rule to redirect access from /assets/php/* to /index.html:


branch:
  master:
    redirects:
      - source: /assets/php/*
        target: /index.html
        status: '404-200'

This rule will match any request to /assets/php/* and redirect it to /index.html with a status of 404-200 (which means "treat it as if it were a 404, but instead of showing an error, show this page").

If this is not working as expected, please ensure that your amplify.yml file is correctly placed and properly indented (YAML files are indentation-sensitive). Also, remember that you need to push these changes to your Amplify app using the Amplify CLI for them to take effect.

profile picture
專家
Sedat Salman
已回答 1 年前
  • Axel Pina
    1 年前

    Thank you so much for your answer. In regards to the having to do it through the CLI is it an obligatory step or can I just change the amplify.yml through the console? Keep in mind this is a static website.

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南

相關內容