I have a htaccess rewrite rule code which works on Apache but not on litespeed.
<Files "bg.js">
SetEnvIfNoCase User-Agent .*autoit.* search_robot
Order Deny,Allow
Deny from All
Allow from env=search_robot
</Files>
I want to block all useragents except those that are a case insensitive match to autoit.
How do I get the rewrite rule to work on litespeed?
Unfortunately, LiteSpeed does not support SetEnvIf* directives in .htaccess files. As an alternative, you'll need to use mod_rewrite:
RewriteEngine On
# Check that the request is for /bg.js
RewriteCond %{REQUEST_URI} ^/bg.js
# Check that the request matches an existing file
RewriteCond %{REQUEST_FILENAME} -f
# Check that the user agent does not contain autoit
RewriteCond %{HTTP_USER_AGENT} !autoit
# If all conditions above are met, then deny access to this request
RewriteRule ^ - [F,L]
Related
I'm using Apache to implement Shibboleth single sign on for a Laravel site. I'd like to bypass one specific subset of URLs from authentication (api/public, for example) so they're publicly accessible. For some reason the public folder's .htaccess file seems to be preventing this from working as expected.
I've tried this a bunch of different ways and all roads have lead to this same issue. Here's what I'm trying currently.
<Directory /var/www/html/mysite/public>
SSLOptions +StdEnvVars
Options Indexes FollowSymLinks MultiViews
AllowOverride All
<If "%{REQUEST_URI} =~ m#api/public#">
Require all granted
</If>
<Else>
AuthType shibboleth
ShibRequestSetting requireSession 1
Require valid-user
</Else>
</Directory>
Here's the .htaccess file that Laravel ships with:
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
Unfortunately with the .htaccess file in place, the Else code is still getting executed and the Shib code runs. But I'm pretty sure the If condition is catching, because if throw in Require all denied as a test then it does forbid as expected.
If I remove the .htaccess however, this works! But it also means that any routing within Laravel is now broken, which I do need for this public-facing URL.
My best guess is that the .htaccess RewriteRule is causing the Else code to still run even after the If statement caught. Any suggestions on a way around this? Running into the same problem using Location directive.
Thanks.
Figured out a solution for this, will share here in case someone else runs into this. The issue was indeed that RewriteRule causes us to run through the whole thing again. The If stopped Shibboleth as expected the first time, but then we'd go through again after Laravel redirects us to index.php and pick it up anyway.
Solved it by changing the Else to an ElseIf where we exclude index.php:
<Directory /var/www/html/mysite/public>
SSLOptions +StdEnvVars
Options Indexes FollowSymLinks MultiViews
AllowOverride All
<If "%{REQUEST_URI} =~ m#api/public#">
Require all granted
</If>
<ElseIf "%{REQUEST_URI} !~ m#index\.php#">
AuthType shibboleth
ShibRequestSetting requireSession 1
Require valid-user
</ElseIf>
</Directory>
I want password protection for the site just webservice URL stay allow all.
This expression work perfectly in apache, just need turn opposite.
<LocationMatch "^(.*service).*$">
AuthType Basic
AuthName "Restricted Files"
AuthUserFile /storage/www/xxxxx/.htpasswd
Require valid-user
</LocationMatch>
I try many many form, but doesn't work.
I tried this and work perfectly in reguler tester just not in apache (2.2)
<LocationMatch "^(?!.*service).*$">
How can negate that expression?
.htaccess content if matter.
RewriteEngine on
RewriteBase /
# ....
RewriteRule txxxx/(.*) index.php?config=main_lite&r=script/xxx/deliverData&url=$1
# rule 1 -- let these requests pass through (S=1 skips the next rule)
RewriteCond %{REQUEST_FILENAME} favicon.(gif|ico) [NC,OR]
RewriteCond %{REQUEST_FILENAME} .+\.(pdf|js|css|txt|jpg|jpeg|gif|png|bmp|ico|swf|html|log|svg|ttf|eot|woff|woff2)$ [OR]
RewriteCond %{REQUEST_URI} rsc/ [OR]
RewriteCond %{REQUEST_URI} index.php$
RewriteRule (.*) - [S=1]
# rule 2 - pass every request to index.php
RewriteRule .* index.php
It seems Apache regexp support is too limited..
However, you easily may "negate" your expression by defining all you want for it in an enclosing clause (say, "Location") and then reverting to the 'default' settings under your (non-negated) LocationMatch.
Something like this: https://serverfault.com/questions/591591/apache-locationmatch-regex-behaviour-does-not-seem-correct
I have the below code for example to allow only certain IP's to access the page..
order deny,allow
deny from all
allow from 123.45.67.89
allow from 123.45.
<Files ~ ".(xml|css|jpe?g|png|gif|js)$">
Allow from all
</Files>
..but how do I control the page the user is shown if they are not allowed? Like, I want to redirect them to a certain page.
Put this code in your DOCUMENT_ROOT/.htaccess file:
RewriteEngine On
RewriteCond %{REQUEST_URI} !\.(xml|css|jpe?g|png|gif|js)$ [NC]
RewriteCond %{REMOTE_ADDR} !^(123\.45\.|19\.72\.48\.56)
RewriteCond %{REMOTE_ADDR} !^53\.81\.21\.94
RewriteRule !^maintenance\.html$ /maintenance.html [R=302,L,NC]
I found a lot of topics about blocking query string url via .htaccess on stackoverflow. But I need to block a bunch of not existing urls :like http://www.vvdealblas.nl/?/member/login (urls from the old cms).
I want to do this with FilesMatch, something like:
<FilesMatch "^{regex}$">
Order deny,allow
Deny from all
</FilesMatch>
Thanks!
You cannot do that via FilesMatch since you want to match QUERY_STRING. Use mod_rewrite instead:
RewriteEngine On
RewriteCond %{QUERY_STRING} ^/member/login$ [NC]
RewriteRule ^/?$ - [F]
My mates and I are putting the finishing touches on our website hosted with ipage but we are just having one small issue with our .htaccess.
We want to make our urls SEO friendly (and neat) and the rewriterule is not working, we keep getting 404 errors. I just want to verify the syntax is correct. I have questioned it with ipage and they said mod_rewrite is installed and allowoverride all is set but couldn't help with the regular expression.
The url is:
http:// www.example.com/article.php?title=Some-Article
and we want to make it:
http:// www.example.com/Some-Article
the entire htaccess file:
# Protect db_connect
<files db_connect.php>
order allow,deny
deny from all
</files>
# Protect .htaccess
<files .htaccess>
order allow,deny
deny from all
</files>
Options +FollowSymLinks
Options +Indexes
RewriteEngine On
# Remove .php but still allow addressing .php
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}\.php -f
RewriteRule ^(.*)$ $1.php
RewriteRule ^([^/]*)/$ /article.php?title=$1 [L]
Any help would be greatly appreciated as I have searched for hours and also tested the syntax generated from http://www.generateit.net/mod-rewrite/ with no luck.
Regards,
Adam
Thanks guys,
My mates and I did end up sorting it, we changed around a few things on the back-end to make the url change from:
http:// www.example.com/article.php?title=Some-Article
to:
http:// www.example.com/article.php?article=Some-Article
then with the following adjustments to the .htaccess file we got it working:
RewriteEngine On
RewriteRule page/([^/]*)/$ /index.php?p=$1 [L]
RewriteRule ^product/([^/]*)$ /article.php?article=$1 [L]
RewriteRule ^([^/]*)/$ /index.php?sort=$1 [L]
RewriteRule ^([^/]*)/page/([^/]*)$ /?sort=$1&p=$2 [L]
so we now have the following urls being formed:
http:// www.example.com/page/2
http:// www.example.com/product/Some-Product/
http:// www.example.com/
http:// www.example.com/category/page/2
The debugging really did help, appreciate it, I turned up the error reporting level in php.ini and made it output to a file which I could access through FTP.