I've got the following code in my htaccess file:
##
## Block all PHP files, except index
##
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} \.php$
RewriteRule !^index.php index.php [L,NC]
I need to allow one particular php file to execute, which may be in a number of different directories. Is it possible to modify the above to allow access to index.php (in the root), and also any file named upload.php, regardless of where it is located?
Thanks in advance.
You can modify your negative pattern in RewriteRule for skipping more files like this:
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} \.php$
RewriteRule !(^index\.php|(^|/)upload\.php)$ index.php [L,NC]
Since we are matching anchor ^ or / before upload.php here we let it match in any location.