Running Custom php script within Drupal Directory

By default, Drupal will not allow running of any other PHP scripts within Drupal directory. It will return "403 Forbidden", if anybody trying to access the PHP scripts.

To by pass this constraint, we will need to add 2 lines in .htaccess. .htaccess is in Drupal root directory.

1. Open .htaccess with a text editor

2. Find the section below:

  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteCond %{REQUEST_URI} !=/favicon.ico
  RewriteRule ^ index.php [L]

  Before RewriteRule, add

RewriteCond %{REQUEST_URI} !script

where "script" is the directory name or file name of your custom php script.

 3. Find the section below:

  RewriteCond %{REQUEST_URI} !/core/[^/]*\.php$
  RewriteCond %{REQUEST_URI} !/core/modules/system/tests/https?.php
  RewriteCond %{REQUEST_URI} !/core/modules/statistics/statistics.php$
  RewriteRule "^(.+/.*|autoload)\.php($|/)" - [F]

  Before RewriteRule, add

 

RewriteCond %{REQUEST_URI} !script

where "script" is the directory name or file name of your custom php script.

4. Save the file and exit.

5. You will need to add the lines back every time you upgrade Drupal.

 

What does the changes mean?

RewriteCond means the condition for the RewriteRule to execute.

So, by adding a "RewriteCond %{REQUEST_URI} !script", we add a new condition that tells the web server to skip this rule, if the URI has the word "script" in it. So, the "script" directory or file will no longer be managed by Drupal.

See how it works:

https://worria.com/script/trace.php

https://worria.com/

Tags