Naturally, I have a .htaccess file in /var/www/html.
However, I'd like to use an independant file (e.g. .rewrites) within /var/www/html that only contains my URL rewrites. Is this possible to achieve by adding a line in the .htaccess files telling it to include the .rewrites file when being read?
Long story short: no, I'm affraid it can't be done. There is no way, at the time of writing this, to "merge" or "include" contents in an .htaccess file.
It is possible to declare multiple files names in the apache AccessFileName directive, however, the first one from the list that's found in the directory wins, and, as they can't be merged, others (if present) should just be ignored, afaik.
Edit: You can read the (very) long version at Apache Docs and check the directives marked 'h' (for .htaccess).
While you cant put all your rewrites in 1 .htaccess file, what I do is instead of using .htaccess files I put all my rewrites in the apache config files directly. This assumes you admin the web server and have access to the config files, and you dont have users that need access to them.
Years ago, I would just have a section in httpd.conf where I put all my rewrites but since Redhat and others have split up the configs into seperate files I have a file in /etc/httpd/conf.d/rewrites.conf that contains all the rewrites.
Related
I already have an awk script called viewzip.cgi which works as follows:
...viewzip.cgi/path_to_zipfile/zipfile.zip/
will show the root directory of that file,
...viewzip.cgi/path_to_zipfile/zipfile.zip/subdir/
shows a subdirectory (if present)
...viewzip.cgi/path_to_zipfile/zipfile.zip/path_to_file/file
will download one particular file.
Now what I want is omitting the "viewzip.cgi" part in the URL and an automatic redirect working as follows:
...path_to_zipfile/zipfile.zip
should download the zipfile as it would be standard behaviour, but
...path_to_zipfile/zipfile.zip/
with the trailing slash should redirect to a path like the first example, and also when trailing subdirs or files are appended.
How can I do that, if so? I have access to file system (i.e. ".htaccess") but not to apache's root configuration files. Or is there a (possibly well-known) better solution? A similar problem applies to .chm files which would be more easily browseable when unpacked on server on request. It would be nice if I don't need to repeat a redirection line for each single zipfile I have.
henni
The RedirectMatch keyword does the job.
RedirectMatch .../((?!viewzip\.cgi/).*)\.zip/(.*) http://www.../.../viewzip.cgi/$1.zip/$2
I am about to start learning Apache. All resources I am looking into, mention either php.ini, or .htaccess or httpd.conf files for setting configurations and stuff. But none of them are clear on the difference between these 3 files. Can anyone explain the difference and their usage?
httpd.conf (it can actually be named differently on some platforms, but that's the default) is the master configuration file for Apache. You can use Include statements to pull in external configuration files. httpd.conf is read in when Apache starts or if you run a 'reload'.
.htaccss is a per-directory configuration file for Apache. You can enable or disable the use of .htaccess files in your httpd.conf file. Where possible its been recommended to me to turn .htaccess use off, as Apache will check the file every time a request causes it to read the directory.
PHP is, as you probably know, separate from Apache, although often used with it. php.ini is the configuration file for the PHP engine.
Every daemon or application has it's own configuration files. On linux these are often located in the /etc directory. You will have to learn to edit each one according to the program. the /etc/php5/php.ini is different from the /etc/apache2/httpd.conf and so on.
Think of them like different types of files. a Word document is not the same as a JPEG Image or a AVI video.
The PHP.ini controls PHP's settings
The .htaccess controls apache settings for a given folder (and all child folders)
The httpd.conf controls apache's settings.
php.ini is a configuration file where you specify options for things
related specifically to php, for instance CURL
.htaccess is where you specify options for URI routing and folders
options on your server
httpd.conf is a configuration file where you specify options for
things related specifically to apache
I have created an axtra ftp account for someone else, so he can upload files.(tournament results, about 20/30 htm files and images)
I am also very paranoid, so in case he upload "possible dangerous" files, i do not want those files to be accessible via an http request. With the help of PHP I want to grab the content of those files. (I do not expect troubles with that yet)
Problem:
My hoster does not allow extra ftp accounts have access outside the public_html.
So i thought htacces should solve my problem. Just by deny from all rule.
But with ftp acces this htaccess file can be deleted or changed.
So i tried to add the following code in my main htacces file in the root of my site:
<Directory "/home/xxxx.nl/public_html/xxxxxxxx.nl/onzetoernooien/swissmaster_ftp">
deny from all
</Directory>
My site hung with an internal server error.
I have no access to the httpd file.
My idea was to use an htacces file above this directory.
If the absolute path was incorrect, i could use some kind of wildcard, like *swissmaster?
I have searched on the Apache website, but i get lost in the overwhelming amount of information.
Thanks in advance for any help!
Unfortunately you can't use a <Directory> section in .htaccess, only in the server configuration file. That causes the server error (check your error logs and you'll see the error message). We can't secure a subdirectory with a <Filesmatch "subdir/.*$"> either, as FilesMatch examines only the filename part of the requested URI.
You can, however, use mod_rewrite, along these lines:
RewriteEngine on
RewriteRule ^subdir.*$ - [NC,F]
If the requested URI matches the regex pattern subdir.* (so "subdir" followed by anything else; you may need to tweak the pattern, as it happily catches subdir_new/something.txt too -- I'm sure you get the idea), then mod_rewrite's F flag will return a 403 Forbidden status (the NC stands for No-Case, making the pattern case-insensitive).
I'm working in a hosted situation where I have a primary webroot located in ~/www. I have several subdomains hosted in ~/www/__subdomains. In the primary webroot, I have a .htaccess file that does a bit of minor rewriting. In two of my subdomains, I have similar .htaccess files and these subdomains respond properly.
In 2 other, newly created subdomains, I have .htaccess files that are empty save for an AddHandler directive. What I'm finding is that the root .htaccess file's existence/content affects these 2 subdomains. They throw a 500 error. As soon as I rename that one, the broken subdomains work.
This, of course, breaks the other sites so I can't just move this off, but it violates my understanding of how .htaccess recursion works. I thought that as long as there was a .htaccess file in a subdirectory, those in ancestor directories would never get executed.
Clearly, I'm wrong about that so I'm hoping someone can educate me and help me get this fixed.
Thanks.
.htaccess files are applied from the current directory up, stopping at the main configuration. Any rules and directives that are in the current directory's .htaccess file, supersede any other rules found while evaluating .htaccess further up.
However, the problem, as you've found, is that rules that aren't explicitly overridden, are applied from the other files. You can reference the Apache .htaccess Tutorial for further explanation, specifically, the How directives are applied section.
Hope that helps.
I need to do a url-rewriting job now.
I don't know whether I should put the code into a .htaccess or httpd.conf?
EDIT
What's the effecting range of .htaccess?Will it affect all requests or only requests to the specific directory it's located?
If you wont have to change your rules very often, you should put them in the httpd.conf and turn off overriding in the top directory your rules apply to
AllowOverride None
With no overriding, your apache will not scan every directory for .htaccess files making less of an overhead for each request.
Whenever you do have to change your rules, you will have to restart your apache server if you put it in your httpd.conf as opposed to them being instantly detected in .htaccess files because it reads them all on every request.
You can easily do this using a graceful restart with the apachectl tool to avoid cutting off any current requests being served.
apachectl graceful
If you aren't going to turn override off, you might as well just use .htaccess only.
Edit in response to your edit:
Say you have a request for www.example.com/dir1/dir2/dir3/file
Apache will look for a .htaccess file in all 3 of those directories and the root for rules to apply to the request if you have overriding allowed.
Ease of use and IMO maintainability (just go to the dir you want as any permissioned user) = .htaccess but that is parsed repeatedly vs. the parse once in httpd.conf where your über-high volume would be best set.
There are three issues here in terms of which is "better":
performance
management
security
.htaccess is slower, harder to manage, and potentially less secure. If you have access to the httpd.conf, then placing rules there can be easier to manage (in one place), faster ("AllowOverrides None" means that the server does not look in the current directory and any parent directories for an override file to parse and follow), and since .htaccess files are not present in the website directory, they cannot be edited (and if created, will be ignored).
You may use both of them. IMHO, .htaccess will be a bit better