1and1 .htaccess directives: explanation needed - apache

I have no experience with modifying .htaccess file.
I'm trying to add custom error pages to my website, and I got the following template from the hosting provider (1and1). I know how to add the pages, but I would like to understand line by line what the code is doing.
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.*) /errordocument.html
ErrorDocument 400 /errordocument.html
RemoveType x-mapp-php4 .html
Thank you in advance for your help!

Let's start with line one:
RewriteEngine On - quite a simple one, it says it in the name, it enables the rewrite engine to allow us to do many things. (I wont go into detail on what all these things are)
RewriteCond %{REQUEST_FILENAME} !-f and RewriteCond %{REQUEST_FILENAME} !-d basically checks for anything that isn't a file or a directory, if these two conditions are met, it will move on to the RewriteRule if not, then nothing past this will be run.
RewriteRule (.*) /errordocument.html - This is basically telling the server that if the above conditions are met, to redirect to the error page named errordocument.html. (This coincides with your above conditions being met of course).
ErrorDocument 400 /errordocument.html - Simply put, this just tells the server that if a 400 error is received, to then display the errordocument.html page.
Finally RemoveType x-mapp-php4 .html - This is basically telling your Apache server to remove any extensions that are .html from the end of your URLs.
For more in-depth information into each of these and how extensively they can be used, take a look at the Documentation for Apache by clicking here
I hope this helps you to understand what is going on a bit better.

Related

Redirect all to index.php using htaccess

I am writing a simple PHP-based MVC-ish framework. I want this framework to be able to be installed in any directory.
My PHP script grabs the request uri and breaks it off into segments. It makes segment 1 the controller and segment 2 the action. This goes all fine when I do this:
http://www.example.com/mvc/module/test/
It will go to the specific module controller and method. Now I have a default controller, the home controller, which is in folder home.
Now when I access this folder directly http://www.example.com/mvc/home/
It will display a 403 forbidden , because this folder does exist, instead it should also go back to http://www.example.com/mvc/index.php
If I would have installed the framework in a different folder, lets say folder framework it has to redirect back to http://www.example.com/framework/index.php
I would like to redirect every folder and php file back to the index.php, leaving everything else the way it is.
My first problem I encountered was it never redirects to the right folder, always to the domain root folder.
This is what I tried :
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule . index.php [L]
Your rewrite rule looks almost ok.
First make sure that your .htaccess file is in your document root (the same place as index.php) or it'll only affect the sub-folder it's in (and any sub-folders within that - recursively).
Next make a slight change to your rule so it looks something like:
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php?path=$1 [NC,L,QSA]
At the moment you're just matching on . which is one instance of any character, you need at least .* to match any number of instances of any character.
The $_GET['path'] variable will contain the fake directory structure, so /mvc/module/test for instance, which you can then use in index.php to determine the Controller and actions you want to perform.
If you want the whole shebang installed in a sub-directory, such as /mvc/ or /framework/ the least complicated way to do it is to change the rewrite rule slightly to take that into account.
RewriteRule ^(.*)$ /mvc/index.php?path=$1 [NC,L,QSA]
And ensure that your index.php is in that folder whilst the .htaccess file is in the document root.
Alternative to $_GET['path'] (updated Feb '18 and Jan '19)
It's not actually necessary (nor even common now) to set the path as a $_GET variable, many frameworks will rely on $_SERVER['REQUEST_URI'] to retrieve the same information - normally to determine which Controller to use - but the principle is exactly the same.
This does simplify the RewriteRule slightly as you don't need to create the path parameter (which means the OP's original RewriteRule will now work):
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^.*$ /index.php [L,QSA]
However, the rule about installing in a sub-directory still applies, e.g.
RewriteRule ^.*$ /mvc/index.php [L,QSA]
The flags:
NC = No Case (not case sensitive, not really necessary since there are no characters in the pattern)
L = Last (it'll stop rewriting at after this Rewrite so make sure it's the last thing in your list of rewrites)
QSA = Query String Append, just in case you've got something like ?like=penguins on the end which you want to keep and pass to index.php.
To redirect everything that doesnt exist to index.php , you can also use the FallBackResource directive
FallbackResource /index.php
It works same as the ErrorDocument , when you request a non-existent path or file on the server, the directive silently forwords the request to index.php .
If you want to redirect everything (including existant files or folders ) to index.php , you can use something like the following :
RewriteEngine on
RewriteRule ^((?!index\.php).+)$ /index.php [L]
Note the pattern ^((?!index\.php).+)$ matches any uri except index.php we have excluded the destination path to prevent infinite looping error.
There is one "trick" for this problem that fits all scenarios, a so obvious solution that you will have to try it to believe it actually works... :)
Here it is...
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php [L,QSA]
</IfModule>
Basically, you are asking MOD_REWRITE to forward to index.php the URI request always when a file exists AND always when the requested file doesn't exist!
When investigating the source code of MOD-REWRITE to understand how it works I realized that all its checks always happen after the verification if the referenced file exists or not. Only then the RegEx are processed. Even when your URI points to a folder, Apache will enforce the check for the index files listed in its configuration file.
Based on that simple discovery, turned obvious a simple file validation would be enough for all possible calls, as far as we double-tap the file presence check and route both results to the same end-point, covering 100% of the possibilities.
IMPORTANT: Notice there is no "/" in index.php. By default, MOD_REWRITE will use the folder it is set as "base folder" for the forwarding. The beauty of it is that it doesn't necessarily need to be the "root folder" of the site, allowing this solution work for localhost/ and/or any subfolder you apply it.
Ultimately, some other solutions I tested before (the ones that appeared to be working fine) broke the PHP ability to "require" a file via its relative path, which is a bummer. Be careful.
Some people may say this is an inelegant solution. It may be, actually, but as far as tests, in several scenarios, several servers, several different Apache versions, etc., this solution worked 100% on all cases!
You can use something like this:
RewriteEngine on
RewriteRule ^.+$ /index.php [L]
This will redirect every query to the root directory's index.php. Note that it will also redirect queries for files that exist, such as images, javascript files or style sheets.
Silly answer but if you can't figure out why its not redirecting check that the following is enabled for the web folder ..
AllowOverride All
This will enable you to run htaccess which must be running! (there are alternatives but not on will cause problems https://httpd.apache.org/docs/2.4/mod/core.html#allowoverride)
just in case you were still wondering how to redirect all request either if the directory exists (for core framework folders and files) to the framework index handler, after some error/success attempts just noticed I just needed to change the RewriteCond in the .htaccess file
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
the above condition states "not found files" and "not found directories", ok, what if just remove "not found" (!-d) line, and ended with something like the below:
RewriteEngine on
RewriteBase /framework/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ /framework/index.php [L,QSA]
It worked for me like a charm
I just had to face the same kind of issue with my Laravel 7 project, in Debian 10 shared hosting. I have to add RewriteBase / to my .htaccess within /public/ directory. So the .htaccess looks a like
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^.*$ /index.php [L,QSA]
After doing that don't forget to change your href in,
home
Example:
.htaccess file
RewriteEngine On
RewriteRule ^about/$ /about.php
PHP file:
about

Forwarding all htm file extensions to a a specific file

I have been given a task to change 100's of .htm files on a site to only show the contact page. As appose to changing the files I am thinking to just use a .htaccess file and force all requests which includes a ".htm" or ".html" to the contact.htm page.
I have very limited knowledge about .ht_access files and the one I have which forces all requests through a index.php isn't working because one of the rewrite conditions is to check whether the file is real or not.
Any advice or tips will greatly be appreciated:
// My .htaccess rules at the moment:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ contact.htm [NC,L]
You can try something like this:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^[^\.]*\.htm$ contact.htm [NC,L]
This will replace everything that ends with .htm to contact.htm
EDIT: Made a mistake, checked it and fixed it
If you want to maintain your SEO and prevent link rot (which is bad), you'll want to let the client know that the old HTML file is no longer valid:
RedirectMatch 301 ^.*html?$ http://example.com/contact.html
Edit: as an interesting side note, returning a 410 might be a more appropriate response.

Mod-Rewrite rules are breaking 404 routing

I am using the following mod-rewrite in my .htaccess file:
RewriteRule ^$ pages/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ pages/$1 [L]
The intention is to hide the subdirectory called /pages/ from displaying in the URL.
So this: http://mysite.com/pages/home.html
Will look like this: http://mysite.com/home.html
It works but there are some unintended consequences.
As a direct result of the .htaccess code I posted above, my 404 routing is no longer working at all. Anything that should trigger a 404 error page is instead generating a 500 Server Error.
How to fix?
EDIT:
As implied above, it does not matter if a custom 404 page is defined in the .htaccess or not. Without it, or a bad path to the error page, the server should still route to its default 404 page, and not give a 500 Server Error.
Surely, there must be a standard way to suppress sections of a URL without breaking the normal routing of 404 errors. From my online research it seems that my method above commonly breaks the 404 routing, and yet so far, I've seen no applicable solution. (This is not a Wordpress installation; just static HTML content)
EDIT 2:
Since I'm only wanting to suppress the one directory from the URL, I never mentioned that I also have other files & directories which are siblings to /pages/ that cannot be pointed at /pages/, such as /graphics/, /includes/, /css/, /cgi-bin/, robots.txt, favicon.ico, etc.
Maybe this is all an exercise in futility or more trouble than it's worth?
Looking for a definitive answer either way.
Following config will look for your static pages inside the pages/ and if found, it'll display them. This shouldn't break 404.
Put it in root folder of your web in .htaccess
RewriteEngine On
RewriteCond %{DOCUMENT_ROOT}/pages/%{REQUEST_URI} -f [OR]
RewriteCond %{DOCUMENT_ROOT}/pages/%{REQUEST_URI} -d
RewriteRule ^(.*)$ /pages/$1
This should achieve what you are trying to do.
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/([a-zA-Z0-9\_\-]+)\.html$
RewriteRule (.*) /pages/$1 [L]
Thank-you to #Kamil Šrot for getting the closest working solution. However, I needed to add another test ( -d ) to see if the requesting URI is a directory.
This is working great and the 404 error page is again routing properly.
RewriteEngine On
RewriteBase /
RewriteCond %{DOCUMENT_ROOT}/pages/%{REQUEST_URI} -f [OR]
RewriteCond %{DOCUMENT_ROOT}/pages/%{REQUEST_URI} -d
RewriteRule ^(.*)$ /pages/$1
How about adding an error page direction to your htaccess file to handle the 404 page:
ErrorDocument 404 /path/to/your/404.html

how to make url rewrite apache whitout any rewrite condition?

sorry, but i'am less understand about url rewrite...
i want to rewrite my url from :
http://localhost/controller/index.php/user/edit
to
http://localhost/controller/user/edit
i can make it with this .htaccess :
RewriteEngine On
RewriteBase /controller/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [PT,L]
but, the rewrite works if there is no file exist at controller/user/edit.php
i want every request to under my controller/xxx is rewrited to controller/index.php/xxx whether the file is exist or not....
i have remove the RewriteCond so my current one is like this :
RewriteEngine On
RewriteBase /controller/
RewriteRule ^(.*)$ index.php/$1 [PT,L]
but, it shown internal service error..
There are a lot of things that don't make sense to me. Mainly, your question says to want to rewrite a URL having index.php in it to one that does not, but your rewrite rule, which you say works in some cases does the opposite, it pre-pends index.php to requests.
If you have access to your apache error and access log, you might see if there's more information about exactly at what point the error occurred -- was it when the .htaccess file was processed, or was it from within your php program?
I will assume that the goal here is to take "pretty" urls like /controller/user/edit and have the index.php program actually process the /user/edit part of the path.
If so, I think you may want to set the RewriteBase to /, and change your .htaccess to
RewriteEngine On
RewriteBase /
RewriteRule ^(.*)$ controller/index.php/$1 [PT,L]
The RewriteBase / directive says that all requests are relative to the server's DOCUMENT_ROOT setting. The change to the rewrite rule instructs all requests to go to the directory controller and file index.php, appending the original requested path afterwards.
(Note: I don't think you want to use the PT flag in this case, and it would be better form to escape the . which is a regex operator as index\.php, but I think neither of these are relevant to the problem here)
It is not clear if you do want the / before the $1. If your PHP program (index.php) is getting called with it present, and knows how to handle it, then it's fine, but it's a little unusual, and there may be cases where you end up with multiple /'s from within the php program.
But do you really want to do this? The typical use of the RewriteCond %{REQUEST_FILENAME} !-f is to handle cases such as image files and css or javascript files that are static and need not be handled by your controller. RewriteCond %{REQUEST_FILENAME} !-d depends on your system (but it's purpose to see that the request is not for a directory).
Anyway, the basic change as I proposed might help, but if not, perhaps you can clarify your intent and provide some actual URLs and a look inside index.php

How do I ignore a directory in mod_rewrite?

I'm trying to have the modrewrite rules skip the directory vip. I've tried a number of things as you can see below, but to no avail.
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
#RewriteRule ^vip$ - [PT]
RewriteRule ^vip/.$ - [PT]
#RewriteCond %{REQUEST_URI} !/vip
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
How do I get modrewrite to entirely ignore the /vip/ directory so that all requests pass directly to the folder?
Update:
As points of clarity:
It's hosted on Dreamhost
The folders are within a wordpress directory
the /vip/ folder contains a webdav .htaccess etc (though I dont think this is important
Try putting this before any other rules.
RewriteRule ^vip - [L,NC]
It will match any URI beginning vip.
The - means do nothing.
The L means this should be last rule; ignore everything following.
The NC means no-case (so "VIP" is also matched).
Note that it matches anything beginning vip. The expression ^vip$ would match vip but not vip/ or vip/index.html. The $ may have been your downfall. If you really want to do it right, you might want to go with ^vip(/|$) so you don't match vip-page.html
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
This says if it's an existing file or a directory don't touch it. You should be able to access site.com/vip and no rewrite rule should take place.
The code you are adding, and all answers that are providing Rewrite rules/conditions are useless! The default WordPress code already does everything that you should need it to:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
Those lines say "if it's NOT an existing file (-f) or directory (-d), pass it along to WordPress. Adding additional rules, not matter how specific or good they are, is redundant--you should already be covered by the WordPress rules!
So why aren't they working???
The .htaccess in the vip directory is throwing an error. The exact same thing happens if you password protect a directory.
Here is the solution:
ErrorDocument 401 /err.txt
ErrorDocument 403 /err.txt
Insert those lines before the WordPress code, and then create /err.txt. This way, when it comes upon your WebDAV (or password protected directory) and fails, it will go to that file, and get caught by the existing default WordPress condition (RewriteCond %{REQUEST_FILENAME} !-f).
In summary, the final solution is:
ErrorDocument 401 /misc/myerror.html
ErrorDocument 403 /misc/myerror.html
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
I posted more about the cause of this problem in my specific situation, involving Wordpress and WebDAV on Dreamhost, which I expect many others to be having on my site.
You mentioned you already have a .htaccess file in the directory you want to ignore - you can use
RewriteEngine off
In that .htaccess to stop use of mod_rewrite (not sure if you're using mod_rewrite in that folder, if you are then that won't help since you can't turn it off).
Try replacing this part of your code:
RewriteRule ^vip/.$ - [PT]
...with the following:
RewriteCond %{REQUEST_URI} !(vip) [NC]
That should fix things up.
RewriteCond %{REQUEST_URI} !^pilot/
is the way to do that.
In my case, the answer by brentonstrine (and I see matdumsa also had the same idea) was the right one... I wanted to up-vote their answers, but being new here, I have no "reputation", so I have to write a full answer, in order to emphasize what I think is the real key here.
Several of these answers would successfully stop the WordPress index.php from being used ... but in many cases, the reason for doing this is that there is a real directory with real pages in it that you want to display directly, and the
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
lines already take care of that, so most of those solutions are a distraction in a case like mine.
The key was brentonstrine's insight that the error was a secondary effect, caused by the password-protection inside the directory I was trying to display directly. By putting in the
ErrorDocument 401 /err.txt
ErrorDocument 403 /err.txt
lines and creating error pages (I actually created err401.html and err403.html and made more informative error messages) I stopped the 404 response being generated when it couldn't find any page to display for 401 Authentication Required, and then the folder worked as expected... showing an apache login dialog, then the contents of the folder, or on failure, my error 401 page.
I’ve had the same issue using wordpress and found that the issue is linked with not having proper handler for 401 and 403 errors..
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
These conditions are already supposed not to rewrite the url of existing folders but they don’t do their job for password protected folders. In my case, adding the following two lines to my root .htaccess fixed the problem:
ErrorDocument 401 /misc/myerror.html
ErrorDocument 403 /misc/myerror.html
Of course you need to create the /misc/myerror.html,
This works ...
RewriteRule ^vip - [L,NC]
But ensure it is the first rule after
RewriteEngine on
i.e.
ErrorDocument 404 /page-not-found.html
RewriteEngine on
RewriteRule ^vip - [L,NC]
AddType application/x-httpd-php .html .htm
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
etc
I'm not sure if I understand your objective, but the following might do what you're after?
RewriteRule ^/vip/(.*)$ /$1?%{QUERY_STRING} [L]
This will cause a URL such as http://www.example.com/vip/fred.html to be rewritten without the /vip.