I am trying to run a webservice from a script to prestashop (the example given with customers list). I receive the following error:
HTTP REQUEST HEADER
GET //api/customers&ws_key=57IGC8CC1HPC58U865KP7YNPWK1G4LSC HTTP/1.1
Authorization: Basic NTdJR0M4Q0MxSFBDNThVODY1S1A3WU5QV0sxRzRMU0M6
Host: edentalbook.com
Accept: */*
HTTP RESPONSE HEADER
HTTP/1.1 404 Not Found
Date: Mon, 17 Oct 2016 10:11:08 GMT
Server: Apache
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Length: 320
Content-Type: text/html; charset=iso-8859-1
RETURN HTTP BODY
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /api/customers&ws_key=57IGC8CC1HPC58U865KP7YNPWK1G4LSC was not found on this server.</p>
<hr>
<address>Apache Server at edentalbook.com Port 80</address>
</body></html>
Bad ID
I tested the server (I installed a fresh prestashop) and is working without problem. So I assume is a prestashop configuration issue.
Also I enabled friendly urls, htaccess
Any ideas? Thank you
Edited: Possibly it is a url rewrite issue because if i go from the server to http://edentalbook.com/webservice/dispatcher.php works perfectly
I attach the htaccess file
# ~~start~~ Do not remove this comment, Prestashop will keep automatically the code outside this comment when .htaccess will be generated again
# .htaccess automaticaly generated by PrestaShop e-commerce open-source solution
# http://www.prestashop.com - http://www.prestashop.com/forums
<IfModule mod_rewrite.c>
<IfModule mod_env.c>
SetEnv HTTP_MOD_REWRITE On
</IfModule>
RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule . - [E=HTTP_AUTHORIZATION:%1]
#Domain: betashop.edentalbook.com
RewriteRule . - [E=REWRITEBASE:/]
RewriteRule ^api$ api/ [L]
RewriteRule ^api/(.*)$ %{ENV:REWRITEBASE}webservice/dispatcher.php?url=$1 [QSA,L]
# Images
RewriteRule ^([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$1$2$3.jpg [L]
RewriteRule ^([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$1$2$3$4.jpg [L]
RewriteRule ^([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$1$2$3$4$5.jpg [L]
RewriteRule ^([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg [L]
RewriteRule ^([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg [L]
RewriteRule ^([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg [L]
RewriteRule ^([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg [L]
RewriteRule ^([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg [L]
RewriteRule ^c/([0-9]+)(\-[\.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/c/$1$2$3.jpg [L]
RewriteRule ^c/([a-zA-Z_-]+)(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/c/$1$2.jpg [L]
# AlphaImageLoader for IE and fancybox
RewriteRule ^images_ie/?([^/]+)\.(jpe?g|png|gif)$ js/jquery/plugins/fancybox/images/$1.$2 [L]
# Dispatcher
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ %{ENV:REWRITEBASE}index.php [NC,L]
</IfModule>
AddType application/vnd.ms-fontobject .eot
AddType font/ttf .ttf
AddType font/otf .otf
AddType application/x-font-woff .woff
<IfModule mod_headers.c>
<FilesMatch "\.(ttf|ttc|otf|eot|woff|svg)$">
Header add Access-Control-Allow-Origin "*"
</FilesMatch>
</IfModule>
#If rewrite mod isn't enabled
ErrorDocument 404 /index.php?controller=404
# ~~end~~ Do not remove this comment, Prestashop will keep automatically the code outside this comment when .htaccess will be generated again
Go to BackOffice -> Shop Parameters -> Traffic & SEO and hit the Save button in 'Set shop URL' block.
This will regenerate the .htaccess
It could be a permissions problem.
Check if you use suPHP
You can check if you have a permission problem by checking your error log (it will throw a SoftException)
If so, folders must be 755 and files 644
So if you have a SSH access you can easily fix with the find command.
First go to the path where the PrestaShop installation is in. Then:
for files:
find . -type f -perm 666 -exec chmod 644 {} \;
for folders:
find . -type d -perm 777 -exec chmod 755 {} \;
Related
My website is hosted on AWS and I am using SEMRush to track any server and programming issues.
And my SEMRush found this error when I run it.
2 subdomains don't support HSTS.
Hence I put below code to solve this issue
<IfModule mod_headers.c>
<If "%{REQUEST_SCHEME} == 'https' || %{HTTP:X-Forwarded-Proto} == 'https'">
Header set Strict-Transport-Security "max-age=31536000"
</If>
</IfModule>
Now 1 error resolved but still having one more subdomain having the same error.
As you can see rosterelf.com still doesn't support HSTS.
Further, I am redireting non www to www in my htaccess and this is how my .htaccess file looks like.
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
<IfModule mod_headers.c>
<If "%{REQUEST_SCHEME} == 'https' || %{HTTP:X-Forwarded-Proto} == 'https'">
Header set Strict-Transport-Security "max-age=31536000"
</If>
</IfModule>
RewriteEngine On
##
## You may need to uncomment the following line for some hosting environments,
## if you have installed to a subdirectory, enter the name here also.
##
# RewriteBase /
##
## Uncomment following lines to force HTTPS.
##
# RewriteCond %{HTTPS} off
# RewriteRule (.*) https://%{SERVER_NAME}/$1 [L,R=301]
# CONDITIONS FOR ONLY LIVE SITE STARTS
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE]
# CONDITIONS FOR ONLY LIVE SITE ENDS
##
## Allow robots.txt
##
RewriteRule ^robots.txt - [L]
## 301 redirect for old support details page url to new one
## OLD URL https://www.rosterelf.com/support-detail/1903/how-can-employees-clock-inout-of-time-clock-different-slug
## NEW URL https://www.rosterelf.com/support-detail/how-can-employees-clock-inout-of-time-clock-different-slug
RewriteRule ^(support-detail)/\d+/([\w-]+)/?$ /$1/$2 [R=301,NC,L]
RewriteRule ^blog-detail/\d+/([\w-]+)/?$ /blog/$1 [R=301,NC,L]
##
## Black listed folders
##
RewriteRule ^bootstrap/.* index.php [L,NC]
RewriteRule ^config/.* index.php [L,NC]
RewriteRule ^vendor/.* index.php [L,NC]
RewriteRule ^storage/cms/.* index.php [L,NC]
RewriteRule ^storage/logs/.* index.php [L,NC]
RewriteRule ^storage/framework/.* index.php [L,NC]
RewriteRule ^storage/temp/protected/.* index.php [L,NC]
RewriteRule ^storage/app/uploads/protected/.* index.php [L,NC]
##
## White listed folders
##
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} !/.well-known/*
RewriteCond %{REQUEST_FILENAME} !/storage/app/uploads/public/.*
RewriteCond %{REQUEST_FILENAME} !/storage/app/media/.*
RewriteCond %{REQUEST_FILENAME} !/storage/app/resized/.*
RewriteCond %{REQUEST_FILENAME} !/storage/temp/public/.*
RewriteCond %{REQUEST_FILENAME} !/themes/.*/(assets|resources)/.*
RewriteCond %{REQUEST_FILENAME} !/plugins/.*/(assets|resources)/.*
RewriteCond %{REQUEST_FILENAME} !/modules/.*/(assets|resources)/.*
RewriteRule !^index.php index.php [L,NC]
##
## Block all PHP files, except index
##
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} \.php$
RewriteRule !^index.php index.php [L,NC]
##
## Standard routes
##
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
Do I need to put below code
<IfModule mod_headers.c>
<If "%{REQUEST_SCHEME} == 'https' || %{HTTP:X-Forwarded-Proto} == 'https'">
Header set Strict-Transport-Security "max-age=31536000"
</If>
</IfModule>
Out side of <IfModule mod_rewrite.c> condition ? What should I do to solve this ?
Can someone please guide me ..
Thanks
Pretty sure you need always if you want a header to also be added to redirects so try this:
Header always set Strict-Transport-Security "max-age=31536000"
my SEMRush found this error when I run it.
Just to clarify, that's not strictly an "error", unless you are explicitly trying to implement HSTS. (It doesn't look as if you were?) HSTS is a recommendation.
but still having one more subdomain having the same error.
SEMRush's identification is curious; that's not a subdomain, that's the "domain apex" (ie. no subdomain).
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE]
When implementing HSTS you need to first redirect from HTTP to HTTPS on the "same hostname", before you canonicalise the hostname, ie. before you redirect from no-www (the domain apex) to www.
This means you can't do what you are doing here... redirecting from HTTP and no-www to HTTPS and www in a single redirect. (The currently commented out HTTP to HTTPS redirect is what you need to be using instead.)
However, your current rule is also incomplete as it fails to canonicalise the hostname when requesting HTTPS. ie. It does not redirect https://example.com/ to https://www.example.com/. The first condition that checks that HTTPS is off ensures the rule is only processed for HTTP requests.
When implementing HSTS your redirects need to be written like this:
# 1. Redirect HTTP to HTTPS on the same host
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# 2. Redirect non-www to www
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
The second redirect to canonicalise the hostname does assume that you have no other subdomains that should be accessible since it redirects anything that is "not www".
Yes, this does (unfortunately) mean that users will experience two redirects when requesting http://example.com/ the very first time. But this is the nature of HSTS. And it is only the very first time that user visits HTTP on the non-canonical hostname.
<If "%{REQUEST_SCHEME} == 'https' || %{HTTP:X-Forwarded-Proto} == 'https'">
Header set Strict-Transport-Security "max-age=31536000"
</If>
This sets the STS header on HTTPS "success" responses. However, it is also a requirement of HSTS that you set this header on the HTTPS canonical redirect from no-www to www. Currently, the above directive is only setting the header on onsuccess (200 Ok) responses (the default). To set the header on the 301 redirect you need the always condition, as #BarryPollard has already pointed out in his answer:
# Set the STS header on redirects as well as 200 OK responses.
Header always set Strict-Transport-Security "max-age=31536000"
Just to add, not only will the always condition set the header on 3xx responses, but also other 4xx responses as well etc.
The <If> expression itself is also a bit dubious. You should only check the X-Forwarded-Proto header if your application server is behind a front-end proxy that manages the secure connection. However, if you are behind a proxy then you don't need to check the REQUEST_SCHEME server variable. (It looks like this expression is intended to be a generic "catch-all".) The issue with the above expression is that if you are not behind a proxy then a malicious request could inject the X-Forwarded-Proto HTTP request header and fool your server into sending the header.
From your HTTP to HTTPS redirect (that checks the HTTPS server variable) it looks like you are not behind a front-end proxy. Although, maybe you are and we'll need to modify the above HTTP to HTTPS redirect?
So, if you are not behind a front-end proxy then the following <If> expression is preferable:
<If "%{REQUEST_SCHEME} == 'https'>
Or,
<If "%{HTTPS} == 'on'>
And if using Apache 2.2 (or Apache 2.4) you could do the following instead of using an <If> expression:
# Set HSTS env var only if HTTPS
RewriteCond %{HTTPS} on
RewriteRule ^ - [E=HSTS:1]
# Set STS header only when the HSTS env var is set (including redirects)
Header always set Strict-Transport-Security "max-age=31536000" env=HSTS
Out side of `<IfModule mod_rewrite.c>` condition ?
Placing the directive inside or outside the <IfModule> containers makes no difference in this instance (since mod_rewrite and mod_headers are presumably installed). In fact, strictly speaking, the <IfModule> wrappers should probably be removed altogether.
See my answer to the following question on the Webmasters stack for more info on this:
https://webmasters.stackexchange.com/questions/112600/is-checking-for-mod-write-really-necessary
I'm trying to write a Rewrite that redirects a single subdirectory to a different subdomain on the same server. There are many questions on Stackoverflow that are similar, but I can't figure out how to combine them.
I've tried it with a simple redirect, but that, of course ends up in a redirect loop:
Redirect 302 /subdirectory http://another-subdomain.test.de/subdirectory
I've tried a whole bunch of conditions and rules to no avail. Here's what my initial tests looked like, but none of its parts seem to work:
RewriteCond %{HTTP_HOST} ^subdomain\.test\.de$ [NC]
RewriteRule ^subdirectory(.*)$ http://another-subdomain.test.de/subdirectory/$1 [R=302,L]
In a gist, I need to redirect a single directory to another subdomain on the same server. How do I do that?
#####
#
# Example .htaccess file for TYPO3 CMS - for use with Apache Webserver
#
# This file includes settings for the following configuration options:
#
# - Compression via TYPO3
# - Settings for mod_rewrite (URL-Rewriting)
# - PHP optimisation
# - Miscellaneous
#
# If you want to use it, you have to copy it to the root folder of your TYPO3 installation (if its
# not there already) and rename it to '.htaccess'. To make .htaccess files work, you might need to
# adjust the 'AllowOverride' directive in your Apache configuration file.
#
# IMPORTANT: You may need to change this file depending on your TYPO3 installation!
#
# Lines starting with a # are treated as comment and ignored by the web server.
#
# You should change every occurance of TYPO3root/ to the location where you have your website in.
# For example:
# If you have your website located at http://example.com/
# then your TYPO3root/ is just empty (remove 'TYPO3root/')
# If you have your website located at http://example.com/some/path/
# then your TYPO3root/ is some/path/ (search and replace)
#
# You can also use this configuration in your httpd.conf, but then you have to modify some lines,
# see the comments (search for 'httpd.conf')
#
# Questions about this file go to the matching Install mailing list, see
# http://typo3.org/documentation/mailing-lists/
#
####
### Begin: Compression via TYPO3 ###
# Compressing resource files will save bandwidth and so improve loading speed especially for users
# with slower internet connections. TYPO3 can compress the .js and .css files for you.
# *) Uncomment the following lines and
# *) Set $TYPO3_CONF_VARS['BE']['compressionLevel'] = '9' for the Backend
# *) Set $TYPO3_CONF_VARS['FE']['compressionLevel'] = '9' together with the TypoScript properties
# config.compressJs and config.compressCss for GZIP compression of Frontend JS and CSS files.
<FilesMatch "\.js\.gzip$">
AddType "text/javascript" .gzip
</FilesMatch>
<FilesMatch "\.css\.gzip$">
AddType "text/css" .gzip
</FilesMatch>
AddEncoding gzip .gzip
### End: Compression via TYPO3 ###
### Begin: Browser caching of ressource files ###
# Enable long browser caching for JavaScript and CSS files.
# This affects Frontend and Backend and increases performance.
# You can also add other file extensions (like gif, png, jpg), if you want them to be longer cached, too.
<FilesMatch "\.(js|css)$">
<IfModule mod_expires.c>
ExpiresActive on
ExpiresDefault "access plus 7 days"
</IfModule>
FileETag MTime Size
</FilesMatch>
### End: Browser caching of ressource files ###
### Begin: Settings for mod_rewrite ###
# You need rewriting, if you use a URL-Rewriting extension (RealURL, CoolUri).
<IfModule mod_rewrite.c>
# Enable URL rewriting
RewriteEngine On
# Change this path, if your TYPO3 installation is located in a subdirectory of the website root.
RewriteBase /
# Rules to set ApplicationContext based on hostname
#RewriteCond %{HTTP_HOST} ^dev\.example\.com$
#RewriteRule (.*) $1 [E=TYPO3_CONTEXT:Development]
#RewriteCond %{HTTP_HOST} ^staging\.example\.com$
#RewriteRule (.*) $1 [E=TYPO3_CONTEXT:Production/Staging]
#RewriteCond %{HTTP_HOST} ^www\.example\.com$
#RewriteRule (.*) $1 [E=TYPO3_CONTEXT:Production]
# Rule for versioned static files, configured through:
# - $TYPO3_CONF_VARS['BE']['versionNumberInFilename']
# - $TYPO3_CONF_VARS['FE']['versionNumberInFilename']
# IMPORTANT: This rule has to be the very first RewriteCond in order to work!
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)\.(\d+)\.(php|js|css|png|jpg|gif|gzip)$ $1.$3 [L]
# Basic security checks
# - Restrict access to deleted files in Recycler directories
# - Restrict access to TypoScript files in default templates directories
# - Restrict access to Private extension directories
# For httpd.conf, use these lines instead of the next ones:
# RewriteRule ^/TYPO3root/fileadmin/(.*/)?_recycler_/ - [F]
# RewriteRule ^/TYPO3root/fileadmin/templates/.*(\.txt|\.ts)$ - [F]
# RewriteRule ^/TYPO3root/typo3conf/ext/[^/]+/Resources/Private/ - [F]
RewriteRule ^fileadmin/(.*/)?_recycler_/ - [F]
RewriteRule ^fileadmin/templates/.*(\.txt|\.ts)$ - [F]
RewriteRule ^typo3conf/ext/[^/]+/Resources/Private/ - [F]
# Stop rewrite processing, if we are in the typo3/ directory.
# For httpd.conf, use this line instead of the next one:
# RewriteRule ^/TYPO3root/(typo3/|fileadmin/|typo3conf/|typo3temp/|uploads/|favicon\.ico) - [L]
RewriteRule ^(typo3/|fileadmin/|typo3conf/|typo3temp/|uploads/|favicon\.ico) - [L]
# If the file/symlink/directory does not exist => Redirect to index.php.
# For httpd.conf, you need to prefix each '%{REQUEST_FILENAME}' with '%{DOCUMENT_ROOT}'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
# Main URL rewriting.
# For httpd.conf, use this line instead of the next one:
# RewriteRule .* /TYPO3root/index.php [L]
RewriteRule .* index.php [L]
</IfModule>
### End: Settings for mod_rewrite ###
### Begin: PHP optimisation ###
# If you do not change the following settings, the default values will be used.
# TYPO3 works fine with register_globals turned off.
# This is highly recommended, if your web server has it turned on.
##php_flag register_globals off
### End: PHP optimisation ###
### Begin: Miscellaneous ###
# Make sure that directory listings are disabled.
#Options -Indexes
### End: Miscellaneous ###
# Add your own rules here.
# ...
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{HTTP_HOST} ^www\.jobzzone\.de$ [NC]
RewriteRule ^(.*)$ https://www.jobzzone.de/$1 [R=301,L]
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{HTTP_HOST} ^bad-kreuznach\.jobzzone\.de$ [NC]
RewriteRule ^(.*)$ https://bad-kreuznach.jobzzone.de/$1 [R=301,L]
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{HTTP_HOST} ^birkenfeld\.jobzzone\.de$ [NC]
RewriteRule ^(.*)$ https://birkenfeld.jobzzone.de/$1 [R=301,L]
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{HTTP_HOST} ^mainz-bingen\.jobzzone\.de$ [NC]
RewriteRule ^(.*)$ https://mainz-bingen.jobzzone.de/$1 [R=301,L]
# Umleitung von alter www.jobzzone.de nach bad-kreuznach.jobzzone.de, aber nur für das /unternehmen Unterverzeichnis
# funktioniert noch nicht!
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.jobzzone\.de$ [NC]
RewriteRule ^jobzzone.dievorschau.de/unternehmen/(.*)$ http://jobzzone-badkreuznach.dievorschau.de/unternehmen/$1 [R=302,L]
RewriteRule ^jobzzone.dievorschau.de/unternehmen$ http://jobzzone-badkreuznach.dievorschau.de/unternehmen/ [R=302,L]
</IfModule>
EDIT
I've appended the following to the htaccess,
RewriteCond %{HTTP_HOST} "^jobzzone.dievorschau.de$" [NC,OR]
RewriteCond %{HTTP_HOST} "^www.jobzzone.dievorschau.de$" [NC]
RewriteRule "^/unternehmen/(.*)$" "http://jobzzone-badkreuznach.dievorschau.de/unternehmen/" [R=302,L]
RewriteCond %{HTTP_HOST} "^jobzzone.dievorschau.de$" [NC,OR]
RewriteCond %{HTTP_HOST} "^www.jobzzone.dievorschau.de$" [NC]
RewriteRule "^/unternehmen/(.*)$" "http://jobzzone-badkreuznach.dievorschau.de/unternehmen/$1" [R=302,L]
but the Redirect still doesn't work.
Redacted:~ redacted$ wget "http://jobzzone.dievorschau.de/unternehmen/arbeitsagentur" --server-response
-2018-10-04 09:07:57-- http://jobzzone.dievorschau.de/unternehmen/arbeitsagentur
Auflösen des Hostnamens jobzzone.dievorschau.de (jobzzone.dievorschau.de)… 2a03:2a00:1200:0:1::3795, 37.202.5.54
Verbindungsaufbau zu jobzzone.dievorschau.de (jobzzone.dievorschau.de)|2a03:2a00:1200:0:1::3795|:80 … verbunden.
HTTP-Anforderung gesendet, auf Antwort wird gewartet …
HTTP/1.1 301 TYPO3 RealURL redirect
Date: Thu, 04 Oct 2018 07:07:58 GMT
Server: Apache
X-TYPO3-RealURL-Info: redirect for missing slash
Connection: close
Upgrade: h2,h2c
Connection: Upgrade
Content-length: 0
Location: http://jobzzone.dievorschau.de/unternehmen/arbeitsagentur/
Content-Type: text/html; charset=UTF-8
Platz: http://jobzzone.dievorschau.de/unternehmen/arbeitsagentur/ [folgend]
-2018-10-04 09:07:58-- http://jobzzone.dievorschau.de/unternehmen/arbeitsagentur/
erbindungsaufbau zu jobzzone.dievorschau.de (jobzzone.dievorschau.de)|2a03:2a00:1200:0:1::3795|:80 … verbunden.
TTP-Anforderung gesendet, auf Antwort wird gewartet …
HTTP/1.1 404 Not Found
Date: Thu, 04 Oct 2018 07:07:58 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
2018-10-04 09:07:58 FEHLER 404: Not Found.
Theres RealUrl installed in the TYPO3 installation, and that appends the missing slash and redirects, but the htaccess Redirect does nothing it seems...
Since you do not have access to modify the VirtualHost, you could do it like this in a .htaccess file:
RewriteEngine On
RewriteCond %{HTTP_HOST} "^test\.de$" [NC,OR]
RewriteCond %{HTTP_HOST} "^www.test\.de$" [NC]
RewriteRule "^/subdirectory/(.*)$" "http://subd.example.com/$1" [R=301,L]
RewriteCond %{HTTP_HOST} "^test\.de$" [NC,OR]
RewriteCond %{HTTP_HOST} "^www.test\.de$" [NC]
RewriteRule "^/subdirectory$" "http://subd.example.com/" [R=301,L]
This way, the redirections are only applied on domains test.de and www.test.de.
For these two (hence the option OR), if someone asks for /subdirectory/SOMETHING or /subdirectory it will redirect to the sub-domain.
Example based on my answer, following your comment
You want:
http://jobzzone.dievorschau.de/unternehmen/*
redirected to
http://jobzzone-badkreuznach.dievorschau.de/unternehmen/(the value of *)
Example you provided:
http://jobzzone.dievorschau.de/unternehmen/beinbrech
needs to redirect to
http://jobzzone-badkreuznach.dievorschau.de/unternehmen/beinbrech
The configuration becomes:
RewriteEngine On
RewriteCond %{HTTP_HOST} "^jobzzone.dievorschau.de$" [NC,OR]
RewriteCond %{HTTP_HOST} "^www.jobzzone.dievorschau.de$" [NC]
RewriteRule "^/unternehmen/(.*)$" "http://jobzzone-badkreuznach.dievorschau.de/unternehmen/" [R=301,L]
RewriteCond %{HTTP_HOST} "^jobzzone.dievorschau.de$" [NC,OR]
RewriteCond %{HTTP_HOST} "^www.jobzzone.dievorschau.de$" [NC]
RewriteRule "^/unternehmen/(.*)$" "http://jobzzone-badkreuznach.dievorschau.de/unternehmen/$1" [R=301,L]
I want to match request parameters in httpd.conf if the request has malicious data i want to return 404 http status code to the client. Request data should have number , words and & = sign .If there is anything apart from this in request we don't have to process the request further
How we can do this Apache 2.2
Invalid URL :
http://ip/index.html?daa=1; rm /tmp/f;mkfifo /tmp/f;cat /tmp/f%7C/bin/sh -i %26
Valid URL
http://ip/index.html?daa=1&data=1
After adding :
<Directory "folder/scripts">
RewriteEngine On
RewriteCond %{QUERY_STRING} !^[a-zA-Z0-9&=?\-]*$
RewriteRule . test.html [R=404,L]
</Directory>
It is not redirecting to my test.html page
If you are trying to filter query strings only, you could add this on top of your rules:
RewriteEngine On
RewriteBase /
RewriteCond %{QUERY_STRING} !^[a-zA-Z0-9&=#?]*$
RewriteRule . /index.php [R=404,L]
Note: You only have to put allowed characters in character class.
You can use this rule as your top rule to block all requests with characters you don't want to allow:
RewriteEngine On
RewriteCond %{THE_REQUEST} [A-Z]{3,}\s/+\S*[^/\w?&=.#-]\S*\sHTTP [NC]
RewriteRule ^ - [B,F]
I pretty much know nothing about about .htaccess editing or regex expressions. What I have done to try to make my site re-direct from www versions to non-www versions is I followed the answers posted here:
redirect www to non-www
However, what I get is that if I enter www.example.com, I get:
example.com/example.com/ and a 404 error on my site
This is my .htaccess file:
#Adjust default time zone
SetEnv TZ America/Toronto
#Begin redirect www to non-www
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [NE,R=301,L]
# Google Analytics Integration - Added by cPanel.
<IfModule mod_substitute.c>
AddOutputFilterByType SUBSTITUTE text/html
Substitute "s|(<script src='/google_analytics_auto.js'></script>)?</head>|<script src='/google_analytics_auto.js'></script></head>|i"
</IfModule>
# END Google Analytics Integration
Can someone enlighten me on what I am doing wrong?
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]
That is, check if the HTTP_HOST contains www and if so, redirect to non-www with the request_uri appended.
How do I rewrite all requests from a specific domain name to my site with .htaccess?
For example, if http://www.example.com had a link to my site, then I want to redirect them to a different page on my site, but other links from other websites and direct links should display the requested page like normal.
I've been getting in a muddle with how to do this... Thanks in advance!
UPDATE:
Some information as requested in an answer:
My stripped down .htaccess file looks like this:
# irrelevant all squashed together (issue still remains when used like this)
<Files .htaccess>
order allow,deny
deny from all
</Files>
Options +FollowSymLinks
RewriteEngine On
RewriteOptions MaxRedirects=10
DirectoryIndex index.php
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301]
ErrorDocument 400 /error.html
ErrorDocument 401 /error.html
ErrorDocument 403 /error.html
ErrorDocument 404 /error.html
ErrorDocument 500 /error.html
Options All -Indexes
IndexIgnore *
LimitRequestBody 10240000
#redirect
RewriteCond %{HTTP_REFERER} ^http://(www\.)?badsite\.com/ [NC]
RewriteRule !^error\.html /error.html [L,NC,R=302]
The header of the page I am visiting looks like this:
Referer: http://www.badsite.com/wiki/Page
2nd UPDATE:
The intended actions are:
Visit http://www.example.com/wiki/Page
Click on link to http://www.mysite.co.uk/thispage/here
Because of the example.com, I should be redirected to http://www.mysite.co.uk/badpage instead of http://www.mysite.co.uk/thispage/here like all other requests.
You will need to rely on HTTP_REFERER for this. Put this code in your sub-directory's .htaccess file:
RewriteEngine On
RewriteCond %{QUERY_STRING} !^id=[^&]+ [NC]
# if referrer is bad.com
RewriteCond %{HTTP_REFERER} (www\.)?bad\.com [NC]
# then redirect to a different page
RewriteRule !^start start [L,NC,R=302]
Though remember that HTTP_REFERER can be spoofed and is not 100% reliable.
PS: It turned out to be unique situtation due to dokuwiki installation