Home/ Questions/Q 9037753
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-16T09:19:10+00:00

Currently everything is working golden except for the fact that a user could manually

  • 0

Currently everything is working golden except for the fact that a user could manually put in a URL, which messes up how CI is setup for my site. For instance:

www.somesite.com/folder/

this folder in the controller should not be accessible… and needs to redirected to that folders index page, which will give them a 404 error. I’ve tried adding deny to all in the htaccess file, but it doesn’t seem to do anything.

www.somesite.com/folder/index.html

I actually want all folders to function likes this. I do have an index.html file in the folder, but it doesn’t get read. Is there a way to fix this in CI? I’m also having an issue with users being able to manually access the controller functions. I’ve tried to change them to private as people have suggested, but then my scripts can’t access them. For instance:

www.somesite.com/controller_file/some_function

How do I block them from accessing this function?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can create a whitelist sollution:

    1. Open your application/config/routes.php
    2. add the routes you want to allow.
    3. add a catchall route .* And redirect it to a errot handler

    Codeigniters trys to matches the route patterns in the order they are listed in the array so
    whenever a user enters a route you did not explicitly allow it will allqays redirect him to the catchall route

    user-guide on routing

    EDIT:
    You can create a blacklist logic by redirecting only requests matching a specific pattern, and keep the default behaviour for all others.

    • 0