How to restrict access the app through the subdomain? - apache

I'm binding the app with domain first time and I have bound my app with the domain and it has an A Name.
www.domain.de
I have also two subdomains.
api.domain.de
admin.domain.de
Now I have one static app and it must be accessed through only the main domain, not by subdomains.
What I Tried
RewriteEngine On
RewriteCond %{HTTP_HOST} ={api.domain.de}[NC]
RewriteCond %{QUERY_STRING} ^({folderName})
RewriteRule ^$ http://{domain}.de//?%1 [R=301,L]
Can anyone help to achieve this?

This probably is a straight forward approach...
It implements an external redirection of all requests to any hostname that differs from "www.example.com" while keeping the requested path and query string.
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.example\.com$
RewriteRule ^/?(.*)$ https://example.com/$1 [QSA,R=301]
I would, however, expect that there are certain requests you do not want to redirect. Both hostnames you mentioned in your question indicate that they are meant to be used for specific purposes. So most likely those requests should not get redirected?
This can be implemented using an additional internal rewriting that takes care of such requests before the more general redirection gets applied:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^admin\.example\.com$
RewriteCond %{REQUEST_URI} !^/admin/
RewriteRule ^/?(.*)$ /admin/$1 [END]
RewriteCond %{HTTP_HOST} !^www\.example\.com$
RewriteRule ^/?(.*)$ https://example.com/$1 [QSA,R=301]
These are just examples obviously, you will need to adapt them to fit your specific needs. Your question is vague here, so that is the best we can offer...
Update
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^api.domain.de$ [OR]
RewriteCond %{HTTP_HOST} ^admin.domain.de$
RewriteRule (.*)$ http://domain.de/projectName/$1 [R=301,L]
</IfModule>
This works for me... :)

Related

htaccess rewrite from http to https

Currently I redirect all http users (www or non-www) of upscfever.com to http://upscfever.com/upsc-fever/index.html
using
RewriteEngine on
RewriteCond %{HTTP_HOST} ^upscfever\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.upscfever\.com$
RewriteRule ^/?$ "http\:\/\/upscfever\.com\/upsc\-fever\/index\.html" [R=301,L]
Now I want all users to shift to https so I modified as follows:
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^upscfever\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.upscfever\.com$
RewriteRule ^/?$ "https\:\/\/upscfever\.com\/upsc\-fever\/index\.html" [R=301,L]
So that all who type upscfever.com OR www.upscfever.com should go to
https://upscfever.com/upsc-fever/index.html - instead
Plus all links should be https. But its not working I get Page not found.
Your server has to setup the https first, depend on hosting vendor, if your hosting is vps you need to setup https for apache, install cert also.
You can find some instruction like this:
https://manual.seafile.com/deploy/https_with_apache.html
https://www.digicert.com/csr-ssl-installation/apache-openssl.htm
I think you want to make 3 different changes:
Change your .htaccess file to redirect requests to root to your custom index irrespective of the HTTPS or HTTP for the original request
RewriteEngine on
RewriteCond %{HTTP_HOST} ^upscfever\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.upscfever\.com$
RewriteRule ^/?$ "https://%{SERVER_NAME}/upsc-fever/index.html" [R,L]
There is no R=301 part here because I'm not sure it is really wise to make permanent such a redirect to an obscure inner URL.
Redirect all other non-HTTPS requests to HTTPS (preserving the rest of the URL):
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^upscfever\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.upscfever\.com$
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R=301,L]
Making this redirect permanent seems pretty safe.
Change all internal links in all of your HTML pages (or whatever backend generates them) to use protocol-relative // prefix or explicitly https:// instead of current http://. Preserve the protocol for the external links as is.
As for troubleshooting, you may use the Network tab of the Chrome DevTools (F12) to see exact server reply (note: enabling "Preserve log" and "Disable cache" flags is useful in such context)
You can do that using a single rule as follows in your site root .htaccess:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(?:www\.)?upscfever\.com$ [NC]
RewriteRule ^/?$ /upsc-fever/index.html [R=301,L]
This will redirect both http and https URLs.
You may try something like this:
RewriteEngine On
RewriteCond %{HTTP_HOST} !=""
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
I hope below code will do the work for you
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://famebooking.net/$1 [R,L]
just simply add above code in .htaccess below authorization header condition is written under RewriteEngine On
Let me know if that helps.

Force HTTPS and WWW in .htaccess

I start reading about a similar topic at this page .htaccess - how to force "www." in a generic way? and the solution was not, well almost what I am looking to do.
The problem : I need the user to be on HTTPS and on WWW to make my application working properly. But if some one click on a html link like:
www.example.com
The user will fall on my website with this :
https://www.www.example.com/
Here is my current .htaccess file.
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://www.%{SERVER_NAME}/$1 [R=301,L]
</IfModule>
Is there any way to detect that the user already entered the WWW or is there a best practice to get the result I am looking for?
Thank you.
You are getting this behavior because http -> https rule is adding www\. in target URL without checking if URL is already starting with www.
You should replace both of your rules with this single rule and as a bonus avoid multiple redirects:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC,OR]
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [R=301,L,NE]

Can't get htaccess rule to work: force SSL on all pages, force non-SSL on two specific pages

I am no htaccess expert, but after Googling for two hours I gave up. Maybe you can help me?
I have my entire site on SSL. However, I have two pages that reference non-secure dynamic content from elsewhere. I need these to be on http instead of https.
The first part of my rules work. All the site is forced to SSL except for those two pages. However, the last part doesn't: force those two pages to non-SSL. It is probably very stupid but does anyone see where I go wrong?
#add www. if missing WORKS
RewriteEngine on
RewriteCond %{HTTP_HOST} ^[^.]+\.[^.]+$
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [L,R=301]
#force SSL/https WORKS
RewriteCond %{HTTPS} !=on
RewriteCond %{REQUEST_URI} !^/webshop2/localize\.php
RewriteCond %{REQUEST_URI} !^/webshop2/layoutstripper\.php
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#force http DOES NOT WORK
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} ^/webshop2/localize\.php [NC]
RewriteCond %{REQUEST_URI} ^/webshop2/layoutstripper\.php [NC]
RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
You need an [OR] flag in your second SSL rule. The 2 conditions you have essentially say:
the request must be HTTPS
the URI must start with: /webshop2/localize.php
the URI must start with: /webshop2/layoutstripper.php
As you can see, the last 2 conditions will always fail, as the request can't be BOTH at the same time. If you add an [OR] flag in there, it makes it true if the URI is one or the other:
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} ^/webshop2/localize\.php [NC,OR]
RewriteCond %{REQUEST_URI} ^/webshop2/layoutstripper\.php [NC]
RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

.htaccess file making new domain redirect to my original domain

To give a little background that may help understand this. I only had one domain on my host's server initially. I just added a new domain and it was redirecting to my first site.
I had to create an .htaccess file redirect my first site so that it would have my SSL on every page and so that it took the www. away from the sites name. The www. was causing issues with sessions when a customer would login.
So my code was like this:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.+) [NC]
RewriteRule ^(.*) https://%1/$1 [R=301,NE,L]
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
The tech support of my host company said that this line was making my new site redirect to my old site:
RewriteRule ^(.*) https://%1/$1 [R=301,NE,L]
How can I make my code work so that is still has the exact same functionality of what it was doing and not interfere with my new domain and make it re-route to my old site?
Why not just exclude the new site, if I am understanding correctly?
RewriteEngine On
RewriteCond %{HTTP_HOST} !^(www\.)?newsite\.com [NC]
RewriteCond %{HTTP_HOST} ^www\.oldsite\.com [NC]
RewriteRule ^(.*)$ https://oldsite.com/$1 [R=301,NE,L]
RewriteCond %{HTTPS} ^off
RewriteCond %{HTTP_HOST} !^(www\.)?newsite\.com [NC]
RewriteRule ^(.*) https://oldsite.com/$1 [R=301,NE,L]
Alternatively maybe you can just tell it to not do anything based on the host. Try putting this at the top of your rules.
RewriteCond %{HTTP_HOST} ^(www\.)?newsite\.com [NC]
RewriteRule ^ - [L]
Note I haven't tested this.

Need a htaccess redirect rule to ignore a certain folder

I'm redirecting my .com website to .net using this
RewriteCond %{HTTP_HOST} ^cartoonizemypet\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.cartoonizemypet\.com$
RewriteRule ^(.*)$ "http\:\/\/www\.cartoonizemypet\.net\/$1" [R=302,L]
Which works (huzzah!) The problem is I need to also exclude a single folder and all of it's contents: http://www.cartoonizemypet.com/catoonizer
I've been messing around with it all day, trying to adapt other peoples from here, but I just keep breaking the site. I'm afraid I just don't know that much about rewrite rules.
Does anyone know how I can make it work?
Try:
RewriteCond %{REQUEST_URI} !^/catoonizer
RewriteCond %{HTTP_HOST} ^cartoonizemypet\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.cartoonizemypet\.com$
RewriteRule ^(.*)$ "http\:\/\/www\.cartoonizemypet\.net\/$1" [R=302,L]
Another way of doing it:
# Turn the engine on if it's not already
RewriteEngine On
# Check to make sure we're on the right host (www is optional)
RewriteCond %{HTTP_HOST} ^(www\.)?cartoonizemypet\.com$ [NC]
# Check to make sure we're not at the catoonizer URI (I assume that's a misspelling
# but it's what was in the example).
RewriteCond %{REQUEST_URI} !^(/catoonizer) [NC]
# If all conditions are met, redirect as 302.
RewriteRule ^(.*)$ http://www.cartoonizemypet.net/$1 [R=302,L]