I'm following the symfony create your own mvc tutorial and I'm at a loss as to how to configure my apache server to point to the web directory.
Following the tutorial. My file structure has pages in the src folder, composer in the vendor folder and my front.php in the web folder with the associated routes. If I go to web/front.php all works fine.
How do I configure the .htaccess file?
Generally it is recommended not to use dynamic configuration files (".htaccess"), but to place rewriting rules inside the host configuration itself (performance and maintainability reasons). You will find tons of examples for such internal rewritings here on SO, your best starting point to read into that however certainly is the official documentation. It comes with great examples: http://httpd.apache.org/docs/current/mod/mod_rewrite.html
This is a simple example that should point you into the right direction:
RewriteEngine on
RewriteRule ^/?projectname/(.*)/?$ /web/front.php?variable=$1 [L]
That will take care to internally rewrite the request so that you can access the variable value as $_GET['variable'].
The example uses a pattern that will work likewise in dynamic configuration files (".htaccess") and in the real http servers host configuration. If you really want to use dynamic files, then you also need to enable their interpretation by means of the AllowOverride directive. Again take a look at the official documentation for that: https://httpd.apache.org/docs/2.4/mod/core.html#allowoverride
Related
I need to block some uld URLs that are generating a lot of traffic in my web server (Apache). For example to block all the requests like https://example.com/xxxxxx/
I Can't do that with IPtables so I am using mod_rewrite with a rule in my .htaccess
That is still consuming a lot of resources and I am wondering if there is a better way to block the request before reaching Apache. Or another most efficient way to do it within Apache. For example, I heard that parsing .htaccess files consumes resources so not sure if using the vhost .conf file can help or it is really the same...
Any advice on how can I block requests using the URL?
Thank you experts!
Certainly distributed configuration files consume more load than a single, central and static configuration. But the differences are not like day and night. The issue with a distributed configuration is more the effort to keep the overview, to maintain it.
If you can keep those requests away from the http server at all you certainly will see more difference. You could consider using a frontend server. Something like nginx or HAProxy that acts as a gate keeper and only forwards those requests you actually want to respond to. This makes little sense on a single system though, you'd need two separate cloud services or even systems for that.
The best approach would be to add something like this to your httpd / vhost.conf file:
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/xxxx$
RewriteRule ^ - [F]
Every call to /xxxx would result in mod_rewrite to return a 403 response.
Make sure to place those rules into the according vhost tag.
I often have projects that produce some sort of output folder, usually named build or public or something like that. But if I deploy my entire project to an Apache web server, in order to route to the actual project you would have to do it like this: https://example.com/user/project/build/file.
To simplify and shorten the url, how can I rewrite requests in a .htaccess file so that if google for user/project/file it automatically routes it to user/project/build/file?
The best usually is to place only those files under the DOCUMENT_ROOT that are actually meant to be directly published by the http server. That also typically simplifies the URL to access them. The rest of the files, scripts and ressources should be kept outside the DOCUMENT_ROOT. You can still access them inside your application logic.
Sometimes this is not possible though. For example if you are using a cheap hosting service instead of operating your own http server. In such case request rewriting comes in as an alternative. In this situation you also typically have to rely on distributed configuration files (".htaccess") instead of being able to use the usual http server's host configuration. That comes with a few disadvantages, but sometimes it is your only option.
Have a try using such an implementation:
RewriteEngine on
RewriteRule ^/?user/project/build/(.*)$ /user/project/$1 [R=301,L]
RewriteRule ^/?user/project/(.*)$ /user/project/build/$1 [END]
This relies on the rewriting module being loaded and activated in the http server, obviously. And also the usage of distribute configuration files needs to be enabled for the http host and the requested location.
Always test using a fresh anonymous browser instance (to prevent caching issues in your tests). It also makes sense to start out using a R=302 temporary redirection first and only to change that to a R=301 permanent redirection once everything works as expected.
I've made a cookbook in Chef to install a web application, Apache and PHP.
This web application has a PHP document that clients access in this URL:
http://localhost/www-app/ClientFE
With this I have a problem. By default PHP will only interpret documents that have a PHP extension, and as my URL doesn't have it, it gets interpreted as text. I can't change the file's extension because the client (which is also software) should not be modified.
What I want to accomplish is to make PHP interpret that document, and for what I've investigated it can be accomplished in three ways at least: configure appropriately PHP, create an alias, create a rewrite rule.
First: I could configure PHP to interpret the desired document:
<FilesMatch "/www-app/ClientFE">
SetHandler application/x-httpd-php
</FilesMatch>
Second: I could do it through mod_write (I would have to rename the fill in the web app, which is also acceptable for me):
RewriteCond ^/www-app/ClientFE /www-app/ClientFE.php
Third: I could do it with mod_alias in a similar fashion than mod_rewrite.
The 3 are good for me, but my problem is: how to do them with Chef ? I haven't been able to find useful docs about it, and I have already tried to put this in my recipe (I found them around the Internet but they haven't worked):
apache_rewrite do
source "/www-app/ClientFE"
target "/www-app/ClientFE.php"
end
and this
apache_module "alias" do
source "/www-app/ClientFE"
target "/www-app/ClientFE.php"
end
Some people in my company suggested 2 valid solutions:
Put the configuration in a .htaccess inside my web application. This works for me and allows to use the alternatives I mentioned above.
Do nothing! It happens that the Multiviews option in the Apache2 cookbook is enabled by default, and it allows Apache to resolve URL http://localhost/A as http://localhost/A.php .... I mean, if Apache is asked about file A, and it doesn't find it, then it will search for A.php instead.
From the two, I chose the later, and yes, it works. It wasn't working before because in my many attempts I created both A and A.php and in that case the Multiviews has no effect.
I've taken over development of a fairly heavy-duty LAMP application. The original dev used an .htaccess file with RewriteMap and a PHP script to handle certain conditions of the app.
Specifically, when certain subdomain patterns are requested by the client, the RewriteMap catches them and sends them to the appropriate application module.
I'm quite comfortable with typical mod_rewrite redirects, and I think I've got the basic RewriteMap concept figured out; but I'm struggling to find decent documentation on how RewriteLock works. According to the Apache docs:
This directive sets the filename for a synchronization lockfile which mod_rewrite needs to communicate with RewriteMap programs. Set this lockfile to a local path (not on a NFS-mounted device) when you want to use a rewriting map-program. It is not required for other types of rewriting maps.
But this is still a little vague for me. Whats the exact purpose and function of RewriteLock and how does it work?
RewriteLock is used with the prg: keyword. RewriteMap can be used with several keywords, to use text files (txt:), hashfiles (dbm:), randomized text (rnd:) or external mapping scripts ( this one is the prg: keyword ). In this mode the external script is launched when apache start. Then for every incoming request, when mod-rewrite is calling the prg: mapping, apache sends input to that script and reads the output stream to get the value.
RewriteLock must be used in that case to prevent parallel requests (so parallel inputs to that external process) to mix answers on this process standard output. It's a locking mechanism (a file, the given path, which is a classical token, only one user) to enforce serialization of the calls to this external mapping script. IMHO it should be transparently applied by mod-rewrite when using prg: as I never found a prg case where this locking thing is not mandatory.
Edit:
Well in fact you could use an external prg: without the rewriteLock if randomization of the output is not a problem, i.e. for a given entry you can get a response which was given for another entry, like in a script doing some advanced rnd:, your own round-robin service. But if the output must reflect the entry, then you need that semaphore, which of course can slow down the rewritemap process.
So if you're only using the hashmap or textmap you do not need to set the RewriteLock.
Edit:
You may find useful details on this thread, like the fact the lock file exists only for a few milliseconds, when apache calls the prg and waits for an answer.
Edit:
On the question one strange fact is:
The original dev used an .htaccess file with RewriteMap
This is strange because RewriteMap cannot work on .htaccess files, .htaccess are configuration entries read dynamically and RewriteMap as stated here in the Context line can only be set in the main configuration or in a VirtualHost configuration. It cannot be in a Location, a Directory or a .htaccess. So chances are this will never work in a .htaccess.
Now #puk asked for an example of RewriteMap usage. Well, searching for "RewriteMap" in Stack overflow will show you several real examples:
here in a question
here a list of example in my answer
another here
Apache hangs if you define more than one RewriteLock directives or if you use it in a VHOST config.
The RewriteLock should be specified at server config level and ONLY ONCE. This lock file will be used by all prg type maps. So if you want to use multiple prg maps, I suggest using an internal locking mechanism, for example in PHP there is the flock function, and simply ignore the warning apache writes in the error log.
See here for more info:
http://books.google.com/books?id=HUpTYMf8-aEC&lpg=PP1&pg=PA298#v=onepage&q&f=false
I'm a self-taught coder and I like to debug by echoing suspicious variables and commenting out code.
Lately, I've had to learn more about the .htaccess file. I need it to do things like interpret php scripts as php5, url rewriting, limit file upload size etc.... I have a lot of trouble debugging a .htaccess file. I often have to migrate PHP applications from one shared hosting environment to another. Sometimes this breaks the .htaccess file (or instead, something in the .htaccess file breaks the site). I check to make sure domain names are updated.
Are there popular techniques for debugging a .htaccess file? Is it just look in the apache logs? Anything else?
Looking in the apache logs is the easiest way to debug .htaccess imho (adding rewriteLog Directive if necessary)
About migrating: if you are not using any physical file paths inside .htaccess (i.e. /var/www/site/script.php) they should be working without problems. If this is not the case, first try to remove all options and leave only redirect directives, in this mode you can see if it's problem with server configuration which denies rewriting of default settings.
Some reference