I have asked another question on here with the premise of limiting download speeds via PHP and I have since come to conclusion that using mod_limitrate was the best solution. so using the following code I have successfully managed to limit the download speed.
<Location "/limit5">
SetOutputFilter RATE_LIMIT
SetEnv rate-limit 5120
SetEnv rate-initial-burst 5120
</Location>
<Location "/unlimited">
SetOutputFilter RATE_LIMIT
SetEnv rate-limit 204800
SetEnv rate-initial-burst 204800
</Location>
However my file structure was not built with this in mind so everything is on the / directory, the following is my file structure
/downloads
-> /downloads/1.zip
-> /downloads/2.zip
...
...
Which makes my download links https://example.com/downloads/1.zip so is it possible to add a part to the URL such as https://example.com/limit5/downloads/1.zip however would still direct to https://example.com/downloads/1.zip ?
I am presuming htaccess is the answer, but I'm not sure how to go about this.
You can try this rule in your Apache VirtualHost config or in site root .htaccess:
RewriteEngine On
RewriteRule ^/?\w+(/downloads/.+)$ $1 [L,NC]
If you want to allow only 2 parts before downloads/ then use:
RewriteRule ^/?(?:limit5|unnlimited)(/downloads/.+)$ $1 [L,NC]
Related
For the past several days I have been trying to force my application to forward a non https call to my domain to an https one.
I have a Web Server elastic beanstalk configured with 64bit Amazon Linux 2016.03, v2.2.0 running Tomcat 8 Java 8. I created a folder in my app named .ebextensions with a file named ssl_rewrite.config. The file contains this:
files:
"/etc/httpd/conf.d/ssl_rewrite.conf":
mode: "000644"
owner: root
group: root
content: |
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule !/status https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
It used to contain this, taken from this example, but I was getting errors for the if statement:
files:
"/etc/httpd/conf.d/ssl_rewrite.conf":
mode: "000644"
owner: root
group: root
content: |
RewriteEngine On
<If "-n '%{HTTP:X-Forwarded-Proto}' && %{HTTP:X-Forwarded-Proto} != 'https'">
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
</If>
Anyway, when I try to deploy my app it fails and I get this error:
Application update failed at 2016-10-17T01:33:00Z with exit status 1 and error: Hook /opt/elasticbeanstalk/hooks/appdeploy/pre/03_configure_proxy.sh failed.
Executing: /opt/elasticbeanstalk/bin/log-conf -n httpd -l'/var/log/httpd/*'
Executing: /usr/sbin/apachectl -t -f /var/elasticbeanstalk/staging/httpd/conf/httpd.conf
Syntax error on line 1 of /etc/httpd/conf.d/ssl_rewrite.conf:
Invalid command 'RewriteEngine', perhaps misspelled or defined by a module not included in the server configuration
Failed to execute '/usr/sbin/apachectl -t -f /var/elasticbeanstalk/staging/httpd/conf/httpd.conf'
Failed to execute '/usr/sbin/apachectl -t -f /var/elasticbeanstalk/staging/httpd/conf/httpd.conf'.
I have already gone into the httpd.conf file and added the line:
LoadModule rewrite_module modules/mod_rewrite.so
Any tips or ideas on what I am doing wrong? Thanks!
For those who struggled for some time, I've found a GitHub (from AWS team) with all AWS configs and the example below works for the HTTP>HTTPS redirection for Apache 2.2. (For configs for Apache 2.4 and Nginx please see the link below).
Apache 2.2
Create a file in the root directory of your app:
YOUR_PROJECT_ROOT/.ebextensions/httpd/conf.d/elasticbeanstalk.conf
(In case of using IntelliJ / Java make sure it go added to the final .WAR artifact)
Add the following lines to enable the redirection in the virtual host:
<VirtualHost *:80>
LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTP_USER_AGENT} !ELB-HealthChecker
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://localhost:8080/ retry=0
ProxyPassReverse / http://localhost:8080/
ProxyPreserveHost on
ErrorLog /var/log/httpd/elasticbeanstalk-error_log
</VirtualHost>
For more examples for Apache 2.4 and Nginx please visit this GitHub repository:
https://github.com/awsdocs/elastic-beanstalk-samples/tree/master/configuration-files/aws-provided/security-configuration/https-redirect/java-tomcat
Also, there is plenty more useful configuration and examples available.
Regards
I was able to finally get mine working with:
LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
In addition, I have found it easier to just place a ssl_rewrite.conf in my .ebextensions/httpd/conf.d folder and let the AWS scripts handle the rest.
Please also read http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#vhosts if using virtual hosts. Mod_rewrite configurations are not inherited from the main server context by virtual hosts and therefore also require the following in each virtual hosts configuration.
RewriteEngine On
RewriteOptions Inherit
Tested on 64bit Amazon Linux 2016.09 v2.4.0 running Tomcat 7 Java 7.
Me and my colleague are using apache on windows(2.4.18) and apache on mac(2.4.16). We are working on save project using SVN.
All requests, except some images are redirected to index.php using following .htaccess file.
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !index.php
RewriteCond %{REQUEST_FILENAME} !(\.png|\.jpg|\.gif|\.jpeg|\.bmp|\.woff2)$
RewriteRule ^([^?]*)$ /index.php?path=$1 [NC,L,QSA]
When accessing "/c-panel/folder/something" from windows my path param in $_GET is exactly as it should be "/c-panel/folder/something". When accessing same url on mac path param is "/c-panel/folder/something.php". Have in mind that something.php file actually exists on both OS. So why on MAC apache is adding .php at the end, when it should not and when does it comes from?
Thanks in advance!
That is due to MultiViews option turned on on OSX Apache. You can turn it off using this line at top of your .htaccess:
Options -MultiViews
Option MultiViews is used by Apache's content negotiation module that runs before mod_rewrite and makes Apache server match extensions of files. So /file can be in URL but it will serve /file.php.
I'm having a little issue with my Apache 2.2.15 Server.
I'm running a Django app on top of it with mod_wsgi. I activated WSGIPassAuthorization On, which made the Basic auth working well. But I recently implemented OAuth2.0 to secure my API (Implicit Grant), and I think Apache won't let it pass since it is of the form "Authorization: Bearer token". The "Bearer" is the issue I guess, though I don't know how to avoid that.
I tried :
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
In the httpd.conf, .htaccess (after setting AllowOverride All), and in my vhost. Nothing to do, doesn't work.
I've crawled the Internet all day long, and didn't find anything but those two solutions.
Thank you in advance !
EDIT:
OS : RedHatEL6.4
Apache : 2.2.15
Django: 1.6.6 w/ django-oauth-toolkit
Python: 2.7.8
I solved my problem, which finally was totally unrelated to my Apache configuration. So if you found this topic looking for an answer to the same problem, one of the solutions below should fix it :
Config WSGI :
WSGIPAssAuthorization On
Config .htaccess :
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
You can put both of those into your httpd/conf.d/project.conf file !
Several modules will strip the Authorization header to try to enhance security by preventing scripts from seeing usernames, passwords, etc... unless the developer explicitly enables this. Many of these modules will allow this header if you simply add the following line to .htaccess: CGIPassAuth on (source: Apache docs and StackOverflow)
To solve this problem, I just add WSGIPassAuthorization On to /etc/apache2/sites-available/mySite.conf file, as follows:
...
</Files>
</Directory>
WSGIPassAuthorization On
WSGIScriptAlias / /home/X/wsgi.py
WSGIDaemonProcess sepanta_dev python-path=/home/X python-home=/home/X/venv
...
i want to switch the home page only of my website from https to http,i need to know how to do it using htaccess file.
i've tried so many options and nothing worked, Thanx in advance.
Try this.
Put this in the .htaccess file in your document root.
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule ^/?$ http://%{HTTP_HOST} [R=302,L,NE]
This assumes that mod_rewrite is both installed and activated for htaccess files.
If you are not sure, to check if mod_rewrite is installed, look at the list of installed modules in the output of phpinfo();
By default, mod_rewrite is not enabled for htaccess files. If you are managing your own server, open httpd.conf
and make sure that the webroot directory block contains one of these lines: AllowOverride FileInfo or AllowOverride All
I've made a django site for a magazine, and it's found in mag.org/django-site. the old site is still at mag.org/httpdocs (hosted by mediatemple).
I would like it so that a hit to www.mag.org turns up the django site (as is currently the case, configured so in the conf file) while a hit to archive.mag.org serves the old site from httpdocs, that is, it's served by apache and not mod_python.
Is this possible to do through mod-rewrite, or mod-alias?
Thanks a million.
You don't need either of those. Just set up your virtualhosts so that archive.* serves from httpdocs and www.* serves via mod_python (although I really, really recommend you serve Django via mod_wsgi).
For example:
<VirtualHost "*:80">
ServerName www.mag.org
SetHandler python-program
PythonHandler django.core.handlers.modpython
SetEnv DJANGO_SETTINGS_MODULE mysite.settings
PythonOption django.root /mysite
</VirtualHost>
<VirtualHost "*:80">
ServerName archive.mag.org
DocumentRoot "/var/apache2/httpdocs"
</VirtualHost>
Yes, just use mod_rewrite, fe.:
Options +FollowSymLinks
Options +SymlinksIfOwnerMatch
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www.mag.org$
RewriteRule ^(.*)$ http://mag.org/django-site [R=301,L]
RewriteCond %{HTTP_HOST} ^archive.mag.org$
RewriteRule ^(.*)$ http://mag.org/httpdocs [R=301,L]
Unfortunately the redirecion is visible to the user as far as I remember.
DocumentRoot /var/www/vhosts/mag.org/httpdocs
was all I needed, sitting all alone in /var/www/vhosts/mag.org/subdomains/archive/vhost.conf
The virtualhost solution didn't work for mediatemple, because each vhost.conf is already delimited as a virtualhost, configured by plesk.
Thanks for the help everyone.