Subfolder .htacess not overriding parent .htacess options - apache

I have an .htacess on the root of my domain to redirect all traffic to index.php
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
#redirect http to https, remove www
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
#remove index.php from link
RewriteRule ^index.php$ - [L]
#redirect to index
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]
</IfModule>
#remove direct access to all *.php except index.php
<Files *.php>
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Files>
<Files index.php>
Order Allow,Deny
Allow from all
</Files>
Everything works as expected, traffic is redirect, when files exists show file.
now i have an admin folder /admin/ with and index.php and api.php
i can open the /admin/ and /admin/index.php but the /admin/api.php redirects to /index.php
i tried to put an .htaccess inside the /admin/ like this:
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine Off
RewriteEngine On
#redirect http to https, remove www
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</IfModule>
but getting the same results. /admin/ opens, but /admin/api.php redirects to index


found the problem/solution.
needed to add to the .htaccess inside the /admin/
<Files *>
Order Allow,Deny
Allow from all
</Files>

Related

Apache: client denied by server configuration, and I cant find the error

Im taking a project in my company where noneone knows about that, its a legacy code and noneones know where my error.
this project its based in SilverStripe 3.1.12 and AngularJS 1.XX
When i tray to create a vagrant machine for this proyect, I can not access to him using the brower, I always recevie
Forbidden
You don't have permission to access / on this server.
And in the logs
[Thu Sep 07 11:44:49.485143 2017] [authz_core:error] [pid 29040:tid 140301297456896] [client 192.167.1.1:55872] AH01630: client denied by server configuration: /vagrant/
the apache .conf file
<VirtualHost *:80>
ServerName mysiteonline.dev
DocumentRoot "/vagrant/"
ErrorLog /home/ubuntu/mysite-error.log
CustomLog /home/ubuntu/mysite-access.log combined
</VirtualHost>
The proyect has 2 .httaccess file
.
├── .httaccess (1)
├-- mysite-app
├-- .httaccess (2)
The fristone handle the silverstripe part, the secondne its for the angular part.
httacess for silverstripe:
DirectoryIndex index.php
# Deny access to templates (but allow from localhost)
<Files *.ss>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Files>
# Deny access to IIS configuration
<Files web.config>
Order deny,allow
Deny from all
</Files>
# Deny access to YAML configuration files which might include sensitive information
<Files *.yml>
Order allow,deny
Deny from all
</Files>
<FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf|json)$">
Header set Cache-Control "max-age=31536000, public"
</FilesMatch>
# Route errors to static pages automatically generated by SilverStripe
ErrorDocument 404 /assets/error-404.html
ErrorDocument 500 /assets/error-500.html
<IfModule mod_rewrite.c>
SetEnv HTTP_MOD_REWRITE On
RewriteEngine On
RewriteBase '/'
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
RewriteRule ^nl/(game|category|info)/[0-9]*-(.*)$ https://mysitespelletjes.nl/$2 [NC,R=301,L]
RewriteRule ^nl/(game|category|info)/*$ https://mysitespelletjes.nl/$1 [NC,R=301,L]
RewriteRule ^nl/(.*)$ https://mysitespelletjes.nl/$1 [NC,R=301,L]
RewriteRule ^nl$ https://mysitespelletjes.nl [NC,R=301,L]
RewriteRule ^en/(game|category|info)/[0-9]*-(.*)$ https://mysiteonline.com/$2 [NC,R=301,L]
RewriteRule ^en/(game|category|info)/*$ https://mysiteonline.com/$1 [NC,R=301,L]
RewriteRule ^en/(.*)$ https://mysiteonline.com/$1 [NC,R=301,L]
RewriteRule ^en$ https://mysiteonline.com [NC,R=301,L]
RewriteCond %{REQUEST_URI} !(\.css|\.js)$ [NC]
RewriteRule ^bower_components/(.*)$ mysite-app/bower_components/$1 [L]
RewriteRule ^bower_components/(.*)\.(css) mysite-app/bower_components/$1.css [L,T=text/css]
RewriteRule ^bower_components/(.*)\.(js) mysite-app/bower_components/$1.js [L,T=application/javascript]
RewriteCond %{REQUEST_URI} !(\.css|\.js)$ [NC]
RewriteRule ^app/(.*)$ mysite-app/app/$1 [L]
RewriteRule ^app/(.*)\.(css)$ mysite-app/app/$1.css [L,T=text/css]
RewriteRule ^app/(.*)\.(js)$ mysite-app/app/$1.js [L,T=application/javascript]
RewriteCond %{REQUEST_URI} !(\.css|\.js)$ [NC]
RewriteRule ^lib/(.*)$ mysite-app/lib/$1 [L]
RewriteRule ^lib/(.*)\.(css)$ mysite-app/lib/$1.css [L,T=text/css]
RewriteRule ^lib/(.*)\.(js)$ mysite-app/lib/$1.js [L,T=application/javascript]
RewriteCond %{REQUEST_URI} !(\.css|\.js)$ [NC]
RewriteRule ^dist/(.*)$ mysite-app/dist/$1 [L]
RewriteRule ^dist/(.*)\.(css)$ mysite-app/dist/$1.css [L,T=text/css]
RewriteRule ^dist/(.*)\.(js)$ mysite-app/dist/$1.js [L,T=application/javascript]
RewriteRule ^terms(.*) / [L]
RewriteRule ^vendor(/|$) - [F,L,NC]
RewriteRule silverstripe-cache(/|$) - [F,L,NC]
RewriteRule composer\.(json|lock) - [F,L,NC]
RewriteRule ^lp($|/) - [L]
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{DOCUMENT_ROOT}/framework/main.php !-f
RewriteRule .* - [S=14] #If the above conditions fail skip all silverstripe routes.
RewriteRule ^Security/(.*) framework/main.php?url=Security/$1 [QSA,L]
RewriteRule ^admin(.*) framework/main.php?url=admin$1 [QSA,L]
RewriteRule ^block-account/(.*)/ framework/main.php?url=block-account/$1 [QSA,L]
RewriteRule ^affiliate/ framework/main.php?url=affiliate/ [QSA,L]
RewriteRule ^mediatek-proxy/(.*) framework/main.php?url=mediatek-proxy/$1 [QSA,L]
RewriteRule ^api/(.*) framework/main.php?url=api/$1 [QSA,L]
RewriteRule ^registration-api/(.*) framework/main.php?url=registration-api/$1 [QSA,L]
RewriteRule ^verify/(.*) framework/main.php?url=verify/$1 [QSA,L]
RewriteRule ^forgotpassword/(.*) framework/main.php?url=forgotpassword/$1 [QSA,L]
RewriteRule ^adyen(.*) framework/main.php?url=adyen/$1 [QSA,L]
RewriteRule ^providers/(.*) framework/main.php?url=providers/$1 [QSA,L]
RewriteRule ^incompatible-browsers framework/main.php?url=incompatible-browsers/ [QSA,L]
RewriteRule ^sitemap-generator framework/main.php?url=sitemap.xml [QSA,L]
RewriteRule ^dev(.*) framework/main.php?url=dev/$1 [QSA,L]
#IMAGES
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^image/(.*)\.png$ framework/main.php?url=image/$1 [QSA,L]
#PRERENDER
RewriteCond %{HTTP_USER_AGENT} baiduspider|facebookexternalhit|twitterbot|rogerbot|linkedinbot|embedly|quora\ link\ preview|showyoubot|outbrain|pinterest|slackbot|vkShare|W3C_Validator [NC,OR]
RewriteCond %{QUERY_STRING} _escaped_fragment_
RewriteCond %{QUERY_STRING} !url
RewriteCond %{REQUEST_URI} !^/image
RewriteRule ^(?!.*?(\.woff|\.ttf|\.svg|\.js|\.css|\.xml|\.less|\.png|\.jpg|\.jpeg|\.gif|\.pdf|\.doc|\.txt|\.ico|\.rss|\.zip|\.mp3|\.rar|\.exe|\.wmv|\.doc|\.avi|\.ppt|\.mpg|\.mpeg|\.tif|\.wav|\.mov|\.psd|\.ai|\.xls|\.mp4|\.m4a|\.swf|\.dat|\.dmg|\.iso|\.flv|\.m4v|\.torrent))(index\.php)?(.*) mysite-app/$3?_escaped_fragment_= [L]
#SITEMAP.xml
RewriteRule ^(.*)sitemap.xml mysite-app/sitemap.xml [L]
#MYSITE-APP pass through
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* mysite-app/ [L]
</IfModule>
And for Angular part
DirectoryIndex index.php
<IfModule mod_headers.c>
# Change YOUR_TOKEN to your prerender token and uncomment that line if you want to cache urls and view crawl stats
RequestHeader set X-Prerender-Token "LH4zvWkRZ0oGgbIgoAuw"
</IfModule>
<IfModule mod_rewrite.c>
SetEnv HTTP_MOD_REWRITE On
RewriteEngine On
RewriteBase '/'
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
# With the below proxy we achieve that sitemap.xml is proxied through our main server. And that the main server is informed from which URL the request was made
# This always the main server to server the sitemap.xml based on that domain.
# RewriteRule ^(.*)sitemap.xml http://mysite.local/sitemap-generator/?referrer=%{HTTP_HOST}/$1 [P,L]
<IfModule mod_proxy_http.c>
RewriteRule ^(.*)sitemap.xml https://mysiteonline.com/sitemap-generator/?referrer=%{HTTP_HOST}/$1 [P,L]
#RewriteRule ^(.*)sitemap.xml http://mysite.local/sitemap-generator/?referrer=%{HTTP_HOST}/$1 [P,L]
</IfModule>
# Prerender IO configuration
# Change the below url to the http://service.prerender.io/ server for staging + live else point it to http://localhost:3000/ DO NOT FORGET THE TRAILING SLASH!!!
# LIVE = http://service.prerender.io/
# DEV = http://localhost:3000/ MAKE SURE TO DISABLE AUTH!!
<IfModule mod_proxy_http.c>
RewriteCond %{HTTP_USER_AGENT} baiduspider|facebookexternalhit|twitterbot|rogerbot|linkedinbot|embedly|quora\ link\ preview|showyoubot|outbrain|pinterest|slackbot|vkShare|W3C_Validator [NC,OR]
RewriteCond %{QUERY_STRING} _escaped_fragment_
RewriteCond %{QUERY_STRING} !url
RewriteCond %{REQUEST_URI} !^/image
RewriteRule ^(?!.*?(\.woff|\.ttf|\.svg|\.js|\.css|\.xml|\.less|\.png|\.jpg|\.jpeg|\.gif|\.pdf|\.doc|\.txt|\.ico|\.rss|\.zip|\.mp3|\.rar|\.exe|\.wmv|\.doc|\.avi|\.ppt|\.mpg|\.mpeg|\.tif|\.wav|\.mov|\.psd|\.ai|\.xls|\.mp4|\.m4a|\.swf|\.dat|\.dmg|\.iso|\.flv|\.m4v|\.torrent))(index\.php)?(.*) https://service.prerender.io/https://%{HTTP_HOST}/$3 [P,L]
#RewriteRule ^(?!.*?(\.woff|\.ttf|\.svg|\.js|\.css|\.xml|\.less|\.png|\.jpg|\.jpeg|\.gif|\.pdf|\.doc|\.txt|\.ico|\.rss|\.zip|\.mp3|\.rar|\.exe|\.wmv|\.doc|\.avi|\.ppt|\.mpg|\.mpeg|\.tif|\.wav|\.mov|\.psd|\.ai|\.xls|\.mp4|\.m4a|\.swf|\.dat|\.dmg|\.iso|\.flv|\.m4v|\.torrent))(index\.php)?(.*) http://localhost:3000/http://%{HTTP_HOST}/$3 [P,L]
</IfModule>
</IfModule>
Please i have 2 days fighting, i cant not find the solution, for this... all the time I get:
Forbidden
You don't have permission to access / on this server.

You are still using old Apache 2.2 syntax which does not work anymore in Apache 2.4 (which I assume you are using).
The lines
Order deny,allow
Deny from all
Allow from 127.0.0.1
don't work anymore.
You must add a Require line:
Require local
For a full documentation on how to upgrade you Allow from/Deny from clauses see this document:
https://httpd.apache.org/docs/current/upgrading.html

https with url rewriting

When I enable https on my website, the url rewriting doesn't work ( not found ... )
My htaccess:
# URL Rewrite
<IfModule mod_rewrite.c>
RewriteEngine On
# Full path to your site
#
RewriteBase /
# 301 redirect if missing www.
#RewriteCond %{HTTP_HOST} !^www\.
#RewriteRule ^(.*)$ https://www.% {HTTP_HOST}/$1 [R=301,L]
#RewriteRule ^(static/|ajax\.php) - [F,L,NC]
# 301 redirect if missing trailing slash
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_FILENAME} !-d
#RewriteRule [^/]$ %{REQUEST_URI}/ [R=301,L]
# Rules
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*) index.php?do=/$1
</IfModule>
How can I enable https with url rewriting ?

You have AllowOverride None in <Directory /var/www/> entry which means .htaccess isn't enabled.
To enable .htaccess change that to:
AllowOverride All
And restart Apache server.

You need to uncomment the lines first I think.

URL Rewrite in htaccess not working

i have a url www.example.com/mybooks/list.php?id=novel-15 now i want to rewrite this url as www.example.com/mybooks/novel-15 for this i have the following code in .htaccess file
<Files ~ "\.log$">
Order allow,deny
Deny from all
</Files>
RewriteEngine on
RewriteRule ^mybooks/([A-Za-z0-9-]+)/?$ mybooks/list.php?id=?id=$1 [NC,L]
but this is not working. anybody give me a good solution...

Try this rule in your /mybooks/.htaccess:
RewriteEngine on
RewriteBase /mybooks/
RewriteCond %{THE_REQUEST} /list\.php\?id=([^\s&]+) [NC]
RewriteRule ^ %1? [R=302,L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([A-Za-z0-9-]+)/?$ list.php?id=$1 [L,QSA]

Redirect www to non-www not working

I'm trying to redirect from www.mydomain.com to mydomain.com but I keep failing. I used default Laravel htaccess file and I modified it to remove www from my links.
Can someone tell me what's wrong here:
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
# Redirect Trailing Slashes...
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
<IfModule mod_deflate.c>
<FilesMatch "\.(html|php|txt|xml|js|css)$">
SetOutputFilter DEFLATE
</FilesMatch>
</IfModule>

.htaccess 301 redirect issue

I need 301 redirect from example.com to www.example.com. This is working solution, but when
I paste it in whole .htaccess site go down.
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example.com
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
Rest .htaccess file
php_flag magic_quotes_gpc off
php_flag magic_quotes_runtime off
php_flag register_globals off
RewriteEngine On
RewriteRule ^.htaccess$ - [F]
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^(.*)$ $1 [L]
Options -Indexes
AddDefaultCharset windows-1251
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(service|news|search|project)/?$ index.php?menu=$1
RewriteRule ^error/([0-9]+)/?$ index.php?menu=error&loadinfo=$1
RewriteRule ^page/([0-9]+)/?$ index.php?menu=page&loadinfo=$1
RewriteRule ^news/([0-9]+)/?$ index.php?menu=news&loadinfo=$1
RewriteRule ^news/page-([0-9]+)/?$ index.php?menu=news&page=$1
RewriteRule ^service/([0-9]+)/?$ index.php?menu=service&category=$1
RewriteRule ^service/([0-9]+)/([0-9]+)/?$ index.php?menu=service&category=$1&loadinfo=$2
RewriteRule ^project/([0-9]+)/?$ index.php?menu=project&loadinfo=$1

Whats the AllowOverride value of the folder where you have your .htaccess? Your DocumentRoot (or VirtualHost) specification needs to be set to at least AllowOverride Options in order to allow php_flag within .htaccess files.
RewriteCond %{HTTP_HOST} ^example.com
RewriteRule (.*) http://www.example.com/$1 [R=301,L]