I want password protection for the site just webservice URL stay allow all.
This expression work perfectly in apache, just need turn opposite.
<LocationMatch "^(.*service).*$">
AuthType Basic
AuthName "Restricted Files"
AuthUserFile /storage/www/xxxxx/.htpasswd
Require valid-user
</LocationMatch>
I try many many form, but doesn't work.
I tried this and work perfectly in reguler tester just not in apache (2.2)
<LocationMatch "^(?!.*service).*$">
How can negate that expression?
.htaccess content if matter.
RewriteEngine on
RewriteBase /
# ....
RewriteRule txxxx/(.*) index.php?config=main_lite&r=script/xxx/deliverData&url=$1
# rule 1 -- let these requests pass through (S=1 skips the next rule)
RewriteCond %{REQUEST_FILENAME} favicon.(gif|ico) [NC,OR]
RewriteCond %{REQUEST_FILENAME} .+\.(pdf|js|css|txt|jpg|jpeg|gif|png|bmp|ico|swf|html|log|svg|ttf|eot|woff|woff2)$ [OR]
RewriteCond %{REQUEST_URI} rsc/ [OR]
RewriteCond %{REQUEST_URI} index.php$
RewriteRule (.*) - [S=1]
# rule 2 - pass every request to index.php
RewriteRule .* index.php
It seems Apache regexp support is too limited..
However, you easily may "negate" your expression by defining all you want for it in an enclosing clause (say, "Location") and then reverting to the 'default' settings under your (non-negated) LocationMatch.
Something like this: https://serverfault.com/questions/591591/apache-locationmatch-regex-behaviour-does-not-seem-correct
Related
Hi I got an amazing (?) work to fix the error on a site. It was a HTTP 500 error.
It is caused by the htaccess file. But I can't figure out what's wrong with the code. here is the code.
# Use PHP5 Single php.ini as default
#AddHandler application/x-httpd-php5s .php
# The rules below basically say that if the file exists in the tree, just
# serve it; otherwise, go to index.php. This is more future-proof for your
# site, because if you start adding more and more content types, you don't
# need to alter the .htaccess to accomodate them.
# This is an important concept for the Front Controller Pattern which the
# ZF MVC makes use of.
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ public/index.php [NC,L]
Redirect 301 /platforms/mt4-ecn http://example.com/
Redirect 301 /partnerships/mt4-to-mt4-bridge http://example.com/
<IfModule mod_suphp.c>
suPHP_ConfigPath /home/aaaecn/public_html
</IfModule>
<Files php.ini>
order allow,deny
deny from all
</Files>
this redirect rules are for zend framework, But I don't have any experience in working with that framework.
I commented all lines and tried now the 500 error is fixed. So I filtered it down by uncommenting.
RewriteRule ^.*$ - [NC,L]
this line is causing the error, but removing this giving invalid redirects and 404 errors. what can I do to fix the problem.
Try your rules like this:
RewriteEngine On
RewriteRule ^(partnerships/mt4-to-mt4-bridge|platforms/mt4-ecn)/?$ / [L,NC,R=301]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ public/index.php [L]
When user enters url http://localhost/systems/admin in address bar I need to redirect user to page http://localhost/systems/admin/login/
It works fine when enter /admin
It does not work properly when I enter /admin/ (note trailing slashes), it redirects me to some other page http://localhost/systems/user/login but I want it to redirect me to same page i.e. http://localhost/systems/admin/login/
Below is my entire .htaccess code
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /systems/
RewriteRule ^admin$ http://localhost/systems/admin/login/ [R=301,L]
RewriteCond $1 !^(index\.php|resources|robots\.txt)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L,QSA]
</IfModule>
With your .htaccess configuration you are redirecting only /admin to /admin/login/.
To support a possible trailing slash you should go for something like:
RewriteRule ^admin/?$ http://localhost/systems/admin/login/ [R=301,L]
Generally speaking I would stick to only one notation (either with or without the trailing slash) and add a rule that always corrects wrong notations (i.e. adding or removing the trailing slash). A rule to remove the trailing slash could be:
RewriteRule ^(.*)/$ /$1 [L,R=301]
With such a rule you can stick to your original rewrite rule. In this case, however, you should always take care of returning addresses without the trailing slash in order to avoid rewriting when not necessary:
RewriteRule ^admin$ http://localhost/systems/admin/login [R=301,L]
After banging my head against this for the better part of a week, it turned out to be the same problem, and solution, as in this thread: RewriteCond in .htaccess with negated regex condition doesn't work?
TL;DR: I had deleted my 404 document at some point. This was causing Apache to run through the rules again when it tried to serve the new page and couldn't. On the second trip through, it would always match my special conditions.
I'm having endless trouble with this regex, and I don't know whether it's because I'm missing something about RewriteCond or what.
Simply, I want to match only top-level requests, meaning any request with no subdirectory. For example I want to match site.com/index.html, but not site.com/subdirectory/index.html.
I thought I would be able to accomplish it with this:
RewriteCond %{REQUEST_URI} !/[^/]+/.*
The interesting thing is, it doesn't work but the reverse does. For example:
RewriteCond %{REQUEST_URI} /[^/]+/.*
That will detect when there is a subdirectory. And it will omit top-level requests (site.com/toplevelurl). But when I put the exclamation point in front to reverse the rule (which RewriteCond is supposed to allow), it stops matching anything.
I've tried many different flavors of regex and different patterns that should work, but none seem to. Any help would be appreciated. this Stack Overflow answer seems like it should answer it but does not work for me.
I've also tested it with this .htaccess rule tester, and my patterns work in the tester, they just don't work on the actual server.
Edit: by request, here is my .htaccess. It allows URLs without file extensions and also does something similar to a custom 404 page (although its purpose is to allow filenames as arguments, not be a 404 replacement).
Options +FollowSymLinks
DirectoryIndex index.php index.html index.htm
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME}\.html -f
RewriteRule ^(.*)$ $1.html
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME}\.php -f
RewriteRule ^(.*)$ $1.php
RewriteCond %{REQUEST_FILENAME} =/home/me/public_html/site/
RewriteRule ^(.*)$ index.php
RewriteCond %{REQUEST_FILENAME} !-f # Below this is where I would like the new rule
RewriteRule ^(.*)$ newurl.php
</IfModule>
I want to match site.com/index.html, but not site.com/subdirectory/index.html
You can use:
RewriteRule ^[^/]+/?$
Or using RewriteCond:
RewriteCond %{REQUEST_URI} ^/[^/]+/?$
I believe it might be a possible duplicate. But I tried my best to search for such a thing that will suit my needs and I found, none.
So here's basically what I have so far, and I will explain what I need modified.
# Forbidden Access
ErrorDocument 403 /403.php
# Not Found
ErrorDocument 404 /404.php
<IfModule mod_rewrite.c>
Options +FollowSymlinks
RewriteEngine On
RewriteBase /
</IfModule>
<IfModule mod_rewrite.c>
# Strip off .php extension if it exists
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s([^.]+)\.php [NC]
RewriteRule ^ %1 [R,L,NC]
# Unless directory, remove trailing slash
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^/]+)/$ /403.php$1 [R=301,L]
# Resolve .php file for extensionless php urls
RewriteRule ^([^/.]+)$ $1.php [L]
</IfModule>
Now this seems to be working flawlessly. But it has one error. Let me explain first.
1) It does automatically strip-off .php extension if it exists. Not sure if it strip off .php if it is url of an external request. Forgot to check, but maybe you already know so you can tell me ?
2) When I type this... "http://website.dev/img/" it does give me an "403 Forbidden Access". So that's all good.
3) When I try this... "http://website.dev/index" it does load the page even if there is .php extension manually added it will strip it off. So All good in here too...
4) When I try random path like this... "http://website.dev/asdasd" it does give me an "404 Not Found". So we're good in here as well.
But the main problem is here...
5) When I try following... "http://website.dev/dashboard/index" it give me an 404 Not Found even tho it should be loading without issues. It appears for all pages within dashboard directory.
Can you help me to modify that htaccess above please ? I am really tired of searching and I don't know regex at all.
That is because of the faulty regex used in your very last rule to silently add .php extension. Change last rule to:
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI}\.php -f [NC]
RewriteRule ^(.+?)/?$ /$1.php [L]
Here's my translation of you rules:
# Strip off .php extension if it exists
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s([^.]+)\.php [NC]
Bad comment. You regexp means: strip off all files that have 3 uppercase first and and dot php in it. Maybe you've forgotten the ending $?
# Unless directory, remove trailing slash
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^/]+)/$ /403.php$1 [R=301,L]
Why is that? Just do a redirect, and Apache will handle the 301 it for you:
RewriteRule .* - [L,R=403]
And then last question: why you strip off .php extension, if you re-add it later on? (°_o)
So here's what you should do, with some examples, and adapt them you fit your needs:
First test if the file has no special treatment. If so, stop immediately, like this:
RewriteRule ^/(robots\.txt|404\.php|403\.php)$ -
Then test if someone is trying to hack. If so, redirect to whatever you want:
RewriteRule (.*)test.php - [QSA,L]
RewriteRule (.*)setup.php http://noobs.land.com/ [NC,R,L]
RewriteRule (.*)admin(.*) http://noobs.land.com/ [NC,R,L]
RewriteRule (.*)trackback(.*) http://noobs.land.com/ [NC,R,L]
Then, only after this, forbid the php extension:
RewriteRule (.*)php$ - [L,R=404]
Then, accept all static "known" file extension, and stop if it matches:
RewriteRule (.*)(\.(css|js|htc|pdf|jpg|jpeg|gif|png|ico|mpg|mp3|ogg|wav|otf|eot|svg|ttf|woff)){1}$ $1$2 [QSA,L]
Now you can do some testing. If the URI ends with a 'aabb/', test if you have a file named aabb.php, and if so, go for it:
RewriteCond %{REQUEST_URI} (\/([^\/]+))\/$
RewriteCond %{DOCUMENT_ROOT}/%1.php -f
RewriteRule (.*) %{DOCUMENT_ROOT}/%1.php [QSA,L]
If nothing is handled, and you get here, it's a problem, so stop it:
RewriteRule .* - [L,R=404]
FYI, all those sample rules are deeply tested on a production server.
And now with that, you have all what you need to do something good & working.
I'm migrating a rather large (5000+ posts) from Movable Type to WordPress. At this point, I'm stuck trying to ensure that old post urls won't be result in 404s once we go live with the new site.
The old url pattern looks like so:
http://domain.com/site/category/category/post_name.php
And I'd like to redirect those to
http://domain.com/category/category/post_name/
However, I have tried and tried with htaccess redirects, and no matter what I do, it either fails or generates a 500 error. I suspect I'm missing something silly, or that there are conflicting rules maybe, and I'm hoping that someone who knows htaccess better than I do can help me along the right path.
Here's what I've got right now. The rule redirecting /site/ to the root directory works just fine, but the other two have no effect, whether alone or together. I tried both to see if I could redirect a specific post and do it manually that way, but it still won't work.
RewriteEngine On
RewriteRule ^site/(.*) /$1 [NC]
RewriteRule ^site/resources/(.*).php$ /resources/$1 [NC]
RewriteRule ^site/resources/research/safe_urban_form_revisiting_the_relationship_b.php$ /resources/research/safe_urban_form_revisiting_the_relationship_b/ [NC]
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Any help would be extremely useful!
It looks like you may want to use a redirect something like this:
# Redirect /site/any/path/file.php to /any/path/file/:
RewriteRule ^site/(.+)\.php$ $1/ [NC,R=301,L]
Also, I would place this as the first rule immediately after the RewriteBase / line in the Wordpress section.
Since you´ll keep the same domain, why don't you just forget about writing the redirection rules yourself and use the redirection plugin instead? It will be much easier for you to define the redirection rules with the help of the plugin. This is the strategy I follow every time I can
The reason your redirects aren't working as expected is that . is a special character in Regular Expressions' syntax -- it means "any character". You need to escape any special characters like ., ^, etc. with a backslash like so: \..
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# Redirect old URLs with ".php" in them.
RewriteRule ^site/(.+)\.php$ $1/ [NC,R=301,L]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
I'm not sure if you actually want the RewriteRule ^site/(.*) /$1 [NC] rule in there or if it was just testing. If you do, just add it in after the RewriteBase / statement.