I have a .htaccess file and i've set up a 'Coming Soon' website. It excludes my ip as i'm the developer but for other visitors I don't wan't it to change the url of the address.
Here's the file:
Options +FollowSymlinks
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^12.345.67.89$
RewriteCond %{REQUEST_URI} !/HTML/pages/construction.html
RewriteCond %{REQUEST_URI} !\.(jpe?g?|png|gif|css|ico|mp4) [NC]
RewriteRule ^(.*)$ /HTML/pages/construction.html [R=302,L]
ErrorDocument 404 /HTML/error-pages/404.html
How can I do this? Help is very much appreciated
If you don't want to change the URL then simply remove the redirect flag from your RewriteRule .
Do the following :
Change
RewriteRule ^(.*)$ /HTML/pages/construction.html [R=302,L]
To
RewriteRule ^(.*)$ /HTML/pages/construction.html [L]
There is no "503" response in the code presented here unless you are manually setting the HTTP response status in your server-side script. But if this is a .html file then that seems unlikely.
To correctly serve a "503 Service Unavailable" response you should define the appropriate ErrorDocument and call this using the R flag.
For example:
Options +FollowSymlinks
ErrorDocument 404 /HTML/error-pages/404.html
ErrorDocument 503 /HTML/pages/construction.html
RewriteEngine On
# 503 Service Unavailable except for the given IP address
RewriteCond %{REMOTE_ADDR} !^203\.0\.113\.111$
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule !\.(jpe?g?|png|gif|css|ico|mp4)$ - [NC,R=503,L]
Despite the use of the R flag, there is no external redirect here. (A redirect only occurs for status codes in the 3xx range.)
The condition that checks against the REDIRECT_STATUS environment variable does two things:
It ensures that an internal subrequest for the 503 ErrorDocument itself doesn't trigger a 503 - which would result in an endless loop and no custom ErrorDocument is returned in the response.
A direct request for the /HTML/pages/construction.html document (the 503 ErrorDocument) will itself trigger a 503 response.
Also note that if you are sending a 503 response, you should ideally be sending a Revisit-After HTTP response header as well to indicate to (search engine) bots when your site will be available.
Related
From this URL
www.example.com/error_documents/404
to this URL
www.example.com/404
I've tried many different .htaccess rules but none of them worked.
I'm trying to just hide the /error_pages/ folder section from the URL without any actual redirecting because if I write a correct *RewriteRule, its just keep repeating itself and I get an ERR_TOO_MANY_REDIRECTS error, because if you want to go to an unknown folder, the error document redirects to example.com/error_documents/404 and if I rewrite this to example.com/404, its an unknown folder so it is trying to redirect me to the /error_documents/404 page but the htaccess file keeps redirecting to a forever loop.
Current .htaccess file
RewriteEngine On
RewriteBase /
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s/+error_pages/([^\s]+) [NC]
RewriteRule ^ %1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule (?!^error_pages/)^(.*)$ /error_pages/$1 [L,NC]
This .htaccess gives me forever loop:
www.example.com/unknownfolder
to
www.example.com/error_documents/404
to
www.example.com/404
and this keeps repeating...
I'm using cPanel for ErrorDocuments and the main .htaccess file is:
ErrorDocument 400 http://example.com/error_pages/400
ErrorDocument 401 http://example.com/error_pages/401
ErrorDocument 403 http://example.com/error_pages/403
ErrorDocument 404 http://example.com/error_pages/404
ErrorDocument 503 http://example.com/error_pages/503
Options -Indexes
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
ErrorDocument 400 http://example.com/error_pages/400
ErrorDocument 401 http://example.com/error_pages/401
ErrorDocument 403 http://example.com/error_pages/403
ErrorDocument 404 http://example.com/error_pages/404
ErrorDocument 503 http://example.com/error_pages/503
You shouldn't be using an absolute URL in the ErrorDocument directive in the first place - this is what is causing the external (302) redirect and exposing the location of /error_pages and the error document. Consequently, this also loses information about the request that caused the error.
However, /400 and /401 etc. should reference the actual file(s) that handle the request. eg. /400.html and /401.html etc.
You should be using a root-relative file-path (starting with a slash) to the error document and then Apache will issue an internal subrequest, rather than a redirect.
For example:
ErrorDocument 400 /error_pages/400.html
ErrorDocument 401 /error_pages/401.html
ErrorDocument 403 /error_pages/403.html
ErrorDocument 404 /error_pages/404.html
ErrorDocument 503 /error_pages/503.html
Your /error_pages now remains totally hidden from the end user.
No need to manually try and remove this from the URL (because it should never be present in the URL to begin with). You can (optionally) prevent direct access to the /error_pages directory if you want (careful not to block subrequests for the error documents).
Reference:
https://httpd.apache.org/docs/2.4/mod/core.html#errordocument
I have the below RewriteRule to redirect all the requests to scheduledmaint.htmlduring site maintenance
RewriteEngine on
RewriteCond %{ENV:REDIRECT_STATUS} !=503
RewriteRule !^/ScheduledMaintenance/(.*)$ /ScheduledMaintenance/scheduledmaint.html [L,R=503]
ErrorDocument 503 /ScheduledMaintenance/scheduledmaint.html
It works fine and scheduledmaint.html page is loaded successfylly but am seeing 200 response for all requests instead of 503. How do I make sure to apache returns 503 response for all requests?
Have it like this with negative lookahead to skip image/css/js from 503:
ErrorDocument 503 /ScheduledMaintenance/scheduledmaint.html
RewriteEngine On
RewriteRule ^(?!ScheduledMaintenance/|.+\.(ico|gif|jpe?g|png|css|js)$) - [NC,L,R=503]
Given the following htaccess:
DirectoryIndex
RewriteEngine on
RewriteCond %{HTTPS} !on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L,QSA]
RewriteRule ^ http://%{HTTP_HOST}:8080%{REQUEST_URI} [P]
If the Tomcat instance is running under Port 8080, the request will be passed.
If the instance is not running, I'm getting an ugly 503-error.
I was trying to replace it with a custom-made page. This works:
ErrorDocument 503 "offline"
but this doesn't:
ErrorDocument 503 /home/www-data/error/503.html
I'm getting:
Additionally, a 503 Service Unavailable error was encountered while trying to use an ErrorDocument to handle the request.
What is the correct solution?
For ErrorDocument you need to give the path of your html page, relative to the document root. So if the DocumentRoot is /home/www-data/ simply set /error/503.html.
Now if this is a .htaccess present in /home/www-data/ then all documents which are children of this directories get the rules applied. So I think even your /error/503.html is treated by your Proxy directive:
RewriteRule ^ http://%{HTTP_HOST}:8080%{REQUEST_URI} [P]
Would be instead:
RewriteCond %{ENV:REDIRECT_STATUS} !=503
RewriteRule ^ http://%{HTTP_HOST}:8080%{REQUEST_URI} [P]
I think it should be enough, or you can exclude /error from the matching path.
I'm trying to only allow https connections to a subdomain of mine. My .htaccess looks like this currently:
Options -MultiViews -Indexes
ErrorDocument 403 /403.php
ErrorDocument 404 /404.php
RewriteEngine On
#Only allow https requests
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !/docs/?(.*)$ [NC]
RewriteRule ^ - [F]
#Docs file rewrite
RewriteRule ^docs/?$ /Docs.php
If I remove the Only allow https requests section and try to access a directory (e.g. http://foo.bar.com/images/), I am displayed my pretty 403 page. But if I leave that section in and go to the subdomain root (e.g. http://foo.bar.com/), I get the default error page, is this something to do with htaccess completely forbidding access to all files?
Examples:
Through a secure connection the 403 page works - https://api.subjectplanner.co.uk/assets
But through a non secure one, it is the default page - http://api.subjectplanner.co.uk/assets
RewriteEngine On should be before you use rewrite rules:
Options -MultiViews -Indexes
ErrorDocument 403 /403.php
ErrorDocument 404 /404.php
RewriteEngine On
#Only allow https requests
RewriteCond %{HTTPS} off
RewriteRule !^docs - [NC,F]
RewriteRule ^docs/?$ /Docs.php [L,NC]
I am creating a custom web server that is designed to serve a single page, regardless of the request URL:
- www.example.com/
- www.example.com/spam/eggs/spam/?ID=eggs
- foo.example.com/
- ...
I am using a wildcard DNS entry to handle the subdomains, but I'm wondering about the best way to handle the page requests.
My first thought was simply to have no pages on the site and create a custom 404 page which was the page I wanted to serve, but I thought that losing an error page might have problems in the future, not to mention sending a 404 error to the client might have effects I am not aware of. Should I be using mod-rewrite instead?
How would you do this? 404, mod_rewrite, or?
I'll use this as an answer
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php/$1 [L]
</IfModule>
<IfModule !mod_rewrite.c>
ErrorDocument 404 /index.php
</IfModule>