I have a site for static content, accessible to all that runs on apache. As an adjunct to that, there is a members site that runs on django. I haven't had any issue 'sharing' my .css and making both sides equivalent in appearance, but what I can't quite seem to grok is getting my django site to be django password protected (with the additional caveat that all member material, from the login forward, goes through 443).
I can serve all the pages, I have tried to use mod_rewrite as follows:
<Directory /Library/Webserver/Documents>
.
.
.
</Directory>
WSGIScriptAlias /members /usr/local/django/mysite/apache/django.wsgi
<Directory /members>
RewriteCond %{HTTPS} off
RewriteRule (.*) https://{HTTP_HOST}%{REQUEST_URI} [L]
.
.
</Directory>
I have tried every one of a thousand different items in the '/members location above, nothing seems to hit (and yes, RewriteEngine On is included - I can watch the debug come out).
Try:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
You should be redirecting back to same host the request was made against, not necessarily the actual web server host.
I also don't believe there is a %{URI} variable in mod_rewrite. Supposed to use %{REQUEST_URI}.
EDIT 1
As per comments, should be:
<Location /members>
RewriteCond %{HTTPS} off
RewriteRule (.*) https://{HTTP_HOST}%{REQUEST_URI} [L]
.
.
</Location>
or:
<Directory /usr/local/django/mysite/apache>
RewriteCond %{HTTPS} off
RewriteRule (.*) https://{HTTP_HOST}%{REQUEST_URI} [L]
.
.
</Directory>
So, Location is for URL and Directory is for file system directory.
Related
I have a simple key value map file which converts olduserid's to new userid's
The objective is to pullup a member profile page from the old site and redirect to tyhe newsite where the member has a new userid.
My virtualhost config file is like this
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
ServerAlias *.example.com
DocumentRoot /home/example/www
AllowEncodedSlashes NoDecode
<Directory /home/example/www>
Options Indexes FollowSymLinks MultiViews
Require all granted
AllowOverride All
</Directory>
CustomLog /var/log/httpd/example.com-access.log combined
ErrorLog /var/log/httpd/example.com-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel error
RewriteEngine on
RewriteMap profiles "txt:/home/example/www/userMap.txt"
RewriteCond %{SERVER_NAME} =*.example.com [OR]
RewriteCond %{SERVER_NAME} =example.com [OR]
RewriteCond %{SERVER_NAME} =www.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]`
The in root directory my .htaccess looks like this
RewriteEngine on
RewriteCond %{QUERY_STRING} ^$
RewriteCond %{QUERY_STRING} ^$ RewriteRule ^member/([0-9])+$ https://www.newxample.com/member/$%7Bprofiles:$1%7D" [NC,L]
The mapfile looks like this but larger
5 1
3583 7657
3584 7658
3585 703
The permissions for the map file and it's location are 777
I have tried so many ways to write the rules and condition but am getting nowhere.
The redirect works but it does not include the values of the newuseris. It's simply null empty nada!
Any help would be greatly appreciated.
tl;dr I'm guessing you haven't defined the rewrite map (and possibly other config) in the <VirtualHost *:443> (HTTPS) container AND/OR you are only capturing the first digit of the old user ID.
The virtualhost config you've posted is for port 80 (HTTP) only. Which is redirected to HTTPS (port 443). There's not much point defining the RewriteMap in <VirtualHost *:80>, since you will also need to define it again in <VirtualHost *:443>. The same applies to granting access and allowing .htaccess overrides etc.
Basically, the vHost:80 container really just serves to redirect to HTTPS, then most of the config is defined in vHost:443.
Since you are redirecting to HTTPS directly in the vHost container, the .htaccess file is only going to be processed (if at all) when the request is already over HTTPS.
RewriteCond %{QUERY_STRING} ^$
RewriteCond %{QUERY_STRING} ^$ RewriteRule ^member/([0-9])+$ https://www.newxample.com/member/$%7Bprofiles:$1%7D" [NC,L]
The formatting/encoding of the code dump in your question is messed up (I'm assuming this is just a formatting issue with your question and not in your actual code), however, your regex that is capturing the old user ID is only capturing the first digit, so the lookup will likely fail (or return the wrong result):
^member/([0-9])+$
Should be:
^member/([0-9]+)$
Or, use a shorthand character class, eg. ^member/(\d+)$
Aside:
RewriteCond %{SERVER_NAME} =*.example.com [OR]
RewriteCond %{SERVER_NAME} =example.com [OR]
RewriteCond %{SERVER_NAME} =www.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
By default, SERVER_NAME is the same as HTTP_HOST, ie. the value of the Host header used in the request. This is what you would seem to be assuming here, however, it is never equal to *.example.com (which is simply a wildcard alias). There shouldn't be a need to check the requested Host here since for the request to be at this point in the config, it must have already passed the ServerName / ServerAlias check. (This is assuming this is not the "default" vHost.)
The three RewriteCond directives are therefore redundant.
I have an app where you can send a link to content. The link is build like this:
domain.com/share/param1/param2/param3
The app is opened if the user has the app installed, otherwise it will open the website. For those who have not the app installed I got a webpage at domain.com/share where links to download the app are placed. The problem is that if you call / share/.../.../... you don't get redirected to /share.
I want to redirect everything with /share/... beginning to /share
I'm running Wordpress on an Apache
What I tried:
RewriteEnginge On
#1
RewriteRule ^share/.*$ share
#2
RewriteRule ^share/(.*)$ share
#3
RewriteRule ^share\/(.*)$ share
#4
RewriteRule share/.* share
#5 this is to exclude an error to Regex
RewriteRule share/test share
The rest of the .htaccess which (hopefully) doesn't have an impact:
# BEGIN Thunermay (Admin)
# set apple-app-site-association as application/json for Apple's crawler
<Files "apple-app-site-association">
Header set Content-type 'application/json'
</Files>
# ensure https
RewriteEngine On
# redirect all /share/anything links to /share
# Here was I trying to get it to work #
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301]
# END Thunermay
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php72” package as the default “PHP” programming language.
<IfModule mime_module>
AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
Thanks in advance!
The problem was, as #Cbroe stated, that I didn't redirect to the page but would only internally redirect, where the problem is, that this site does not exist. The solution was:
RewriteRule /share/.+ share [R,L]
The + is to have at least one character because otherwise it ended in an infinite loop, the R is to redirect it and not only show it in the URI and the L is for that it is the last rule and Wordpress does not catch it and point to the landing page.
The slight problem remaining is that my https redirect does not work anymore IF I have a share link and use http which my URI-generator does not, so it should not be an problem.
I'm using Apache to implement Shibboleth single sign on for a Laravel site. I'd like to bypass one specific subset of URLs from authentication (api/public, for example) so they're publicly accessible. For some reason the public folder's .htaccess file seems to be preventing this from working as expected.
I've tried this a bunch of different ways and all roads have lead to this same issue. Here's what I'm trying currently.
<Directory /var/www/html/mysite/public>
SSLOptions +StdEnvVars
Options Indexes FollowSymLinks MultiViews
AllowOverride All
<If "%{REQUEST_URI} =~ m#api/public#">
Require all granted
</If>
<Else>
AuthType shibboleth
ShibRequestSetting requireSession 1
Require valid-user
</Else>
</Directory>
Here's the .htaccess file that Laravel ships with:
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
Unfortunately with the .htaccess file in place, the Else code is still getting executed and the Shib code runs. But I'm pretty sure the If condition is catching, because if throw in Require all denied as a test then it does forbid as expected.
If I remove the .htaccess however, this works! But it also means that any routing within Laravel is now broken, which I do need for this public-facing URL.
My best guess is that the .htaccess RewriteRule is causing the Else code to still run even after the If statement caught. Any suggestions on a way around this? Running into the same problem using Location directive.
Thanks.
Figured out a solution for this, will share here in case someone else runs into this. The issue was indeed that RewriteRule causes us to run through the whole thing again. The If stopped Shibboleth as expected the first time, but then we'd go through again after Laravel redirects us to index.php and pick it up anyway.
Solved it by changing the Else to an ElseIf where we exclude index.php:
<Directory /var/www/html/mysite/public>
SSLOptions +StdEnvVars
Options Indexes FollowSymLinks MultiViews
AllowOverride All
<If "%{REQUEST_URI} =~ m#api/public#">
Require all granted
</If>
<ElseIf "%{REQUEST_URI} !~ m#index\.php#">
AuthType shibboleth
ShibRequestSetting requireSession 1
Require valid-user
</ElseIf>
</Directory>
I have the below code for example to allow only certain IP's to access the page..
order deny,allow
deny from all
allow from 123.45.67.89
allow from 123.45.
<Files ~ ".(xml|css|jpe?g|png|gif|js)$">
Allow from all
</Files>
..but how do I control the page the user is shown if they are not allowed? Like, I want to redirect them to a certain page.
Put this code in your DOCUMENT_ROOT/.htaccess file:
RewriteEngine On
RewriteCond %{REQUEST_URI} !\.(xml|css|jpe?g|png|gif|js)$ [NC]
RewriteCond %{REMOTE_ADDR} !^(123\.45\.|19\.72\.48\.56)
RewriteCond %{REMOTE_ADDR} !^53\.81\.21\.94
RewriteRule !^maintenance\.html$ /maintenance.html [R=302,L,NC]
My mates and I are putting the finishing touches on our website hosted with ipage but we are just having one small issue with our .htaccess.
We want to make our urls SEO friendly (and neat) and the rewriterule is not working, we keep getting 404 errors. I just want to verify the syntax is correct. I have questioned it with ipage and they said mod_rewrite is installed and allowoverride all is set but couldn't help with the regular expression.
The url is:
http:// www.example.com/article.php?title=Some-Article
and we want to make it:
http:// www.example.com/Some-Article
the entire htaccess file:
# Protect db_connect
<files db_connect.php>
order allow,deny
deny from all
</files>
# Protect .htaccess
<files .htaccess>
order allow,deny
deny from all
</files>
Options +FollowSymLinks
Options +Indexes
RewriteEngine On
# Remove .php but still allow addressing .php
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}\.php -f
RewriteRule ^(.*)$ $1.php
RewriteRule ^([^/]*)/$ /article.php?title=$1 [L]
Any help would be greatly appreciated as I have searched for hours and also tested the syntax generated from http://www.generateit.net/mod-rewrite/ with no luck.
Regards,
Adam
Thanks guys,
My mates and I did end up sorting it, we changed around a few things on the back-end to make the url change from:
http:// www.example.com/article.php?title=Some-Article
to:
http:// www.example.com/article.php?article=Some-Article
then with the following adjustments to the .htaccess file we got it working:
RewriteEngine On
RewriteRule page/([^/]*)/$ /index.php?p=$1 [L]
RewriteRule ^product/([^/]*)$ /article.php?article=$1 [L]
RewriteRule ^([^/]*)/$ /index.php?sort=$1 [L]
RewriteRule ^([^/]*)/page/([^/]*)$ /?sort=$1&p=$2 [L]
so we now have the following urls being formed:
http:// www.example.com/page/2
http:// www.example.com/product/Some-Product/
http:// www.example.com/
http:// www.example.com/category/page/2
The debugging really did help, appreciate it, I turned up the error reporting level in php.ini and made it output to a file which I could access through FTP.