How to remove gzip encoding from nonexistent images in httpd-deflate.conf? - apache

What I have at this moment.
In httpd-deflate.conf in Location section:
SetEnvIfNoCase Request_URI \
\\.(?:gif|jpe?g|jpg|png|rar|zip|exe|flv|swf|mov|wma|mp3|mp4|avi|mp?g)$ no-gzip dont-vary
In .htaccess:
Options +FollowSymlinks
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index\.php$ [NC]
RewriteRule ^(.+)$ /index.php?_route_=$1 [L,QSA]
With these settings images that are actually on the server are processed as needed - without gzip encoding and without "Content-Encoding: gzip" header in the server response.
But nonexistent images are processed in index.php file.
http://example.com/nonexistent-path/non-existent-image.jpg
The response body:
Cache-Control: max-age=84148768
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 49860
Content-Type: image/jpeg - ((I set it in php manually after image generation before output))
Date: Mon, 01 May 2017 22:04:48 GMT
Expires: Tue, 31 Dec 2019 20:44:16 GMT
Last-Modified: Thu, 17 Nov 2016 14:51:10 GMT
Server: nginx
Strict-Transport-Security: max-age=2592000
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
x-content-type-options nosniff
As you see this nonexistent image was processed as a document, not as a .jpg image.
On the server I have Apache and nginx proxy, as I understand. What should I paste in httpd-deflate.conf or in any other place to remove gzip encoding for nonexistent images and to remove "Content-Encoding: gzip" in the server response?
Thank you.

Use
apache_setenv( 'no-gzip', '1' );
in your PHP script before output.

Related

htaccess - how to deny access to all resources except those called from the hostname and a given file

I have this .htaccess:
# Rewrite URL
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /
RewriteCond "%{HTTP_HOST}" "!^www.mydomain.com" [NC]
RewriteCond "%{REQUEST_URI}" "!^/myfile.html" [NC]
RewriteRule \.*$ - [F,NC]
</IfModule>
I want to DENY access to ALL resources, EXCEPT for:
all resources from HTTP_HOST (e.g. www.mydomain.com);
a specific given file (e.g. myfile.html).
The code above does not work. How can I solve it?
Thanks
PS: In other words, I want to do something like:
<?php
if (
$_SERVER["REMOTE_ADDR"] !== "www.mydomain.com" ||
$_SERVER["REQUEST_URI"] !== "/myfile.html"
) {
// redirect 403
}
?>
Based on your comments I believe you need to check for referrer. You may try this rule:
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_REFERER} !^$
RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'"
RewriteCond %{REQUEST_URI} !/myfile\.html$ [NC]
RewriteRule \. - [F]
Just keep in mind that HTTP_REFERER based blocking is not very strong protection as clients can spoof this header.
Testing curl commands:
curl --referer 'http://example.com/' -IL 'http://yourdomain.com/'
HTTP/1.1 403 Forbidden
Date: Thu, 08 Apr 2021 09:28:17 GMT
Server: Apache/2.4.46 (Unix) OpenSSL/1.1.1j PHP/8.0.3
Strict-Transport-Security: max-age=31536000
Content-Type: text/html; charset=iso-8859-1
curl --referer 'http://yourdomain.com/' -IL 'http://yourdomain.com/'
HTTP/1.1 200 OK
Date: Thu, 08 Apr 2021 09:27:47 GMT
Server: Apache/2.4.46 (Unix) OpenSSL/1.1.1j PHP/8.0.3
Strict-Transport-Security: max-age=31536000
X-Powered-By: PHP/8.0.3
Content-Type: text/html; charset=UTF-8
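The decision logic of the rules in the answer above, modelled in Python as an added example (not part of the original answer and not Apache's own code). The function name and the sample requests are constructed; the model shows which requests the rule set rejects and which conditions let a request through.

```python
import re
from fnmatch import fnmatchcase


def is_forbidden(host: str, path: str, referer: str = "") -> bool:
    """Return True when the rule set would answer 403 for this request.

    path is the path Apache evaluates. Not modelled: per-directory rules
    also run on internal subrequests (e.g. a DirectoryIndex target).
    """
    # RewriteRule \. - [F]  -> only paths containing a dot are candidates
    if "." not in path:
        return False
    # RewriteCond %{HTTP_REFERER} !^$  -> an absent or empty Referer passes
    if referer == "":
        return False
    # RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'"
    # -strmatch is a glob match, so fnmatchcase is the closest equivalent.
    if fnmatchcase(referer, f"*://{host}/*"):
        return False
    # RewriteCond %{REQUEST_URI} !/myfile\.html$ [NC]  -> exempted file
    if re.search(r"/myfile\.html$", path, re.IGNORECASE):
        return False
    return True


# Constructed requests: (Host header, path, Referer header)
SAMPLES = [
    ("yourdomain.com", "/index.php", "http://example.com/"),
    ("yourdomain.com", "/index.php", "http://yourdomain.com/"),
    ("yourdomain.com", "/index.php", ""),
    ("yourdomain.com", "/MyFile.html", "http://example.com/"),
    ("yourdomain.com", "/img/logo.png", "http://example.com/page"),
]


def evaluate(samples):
    """Map each sample to the status code the rule set would produce."""
    return [(p, r or "-", 403 if is_forbidden(h, p, r) else 200)
            for h, p, r in samples]


if __name__ == "__main__":
    for path, referer, status in evaluate(SAMPLES):
        print(f"{status}  {path:<15} Referer: {referer}")
```
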

Why Do My HTTP Headers only apply to sub-documents?

I have created an htaccess file for my multi-site Wordpress website, which contains the standard rewrite rules followed by a mod_headers section, with conditional FilesMatch directives.
The http headers all apply correctly to subdocuments of any Wordpress page (e.g. png, jpg, js, css etc), but never apply to the root document. Another pure html site on the same host does receive the headers correctly.
For example:
https://www.somedomain.com/site.css
returns:
HTTP/2 200 OK
content-type: text/css
date: Mon, 30 Mar 2020 09:36:10 GMT
server: Apache
x-content-type-options: nosniff
last-modified: Sun, 29 Mar 2020 12:55:43 GMT
etag: "14546d-5a1fdda3e88c5-gzip"
accept-ranges: bytes
cache-control: must-revalidate, public, max-age=31536000
expires: Sat, 20 Mar 2021 09:36:10 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
but https://www.somedomain.com/ only returns:
HTTP/1.1 200 Connection established
content-type: text/html; charset=UTF-8
date: Mon, 30 Mar 2020 09:36:09 GMT
server: Apache
x-powered-by: PHP/7.3.16
cache-control: no-cache
content-encoding: gzip
The htaccess code is below:
#BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
#add a trailing slash to /wp-admin
RewriteRule ^wp-admin$ wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^(wp-(content|admin|includes).*) web/$1 [L]
RewriteRule ^(.*\.php)$ web/$1 [L]
RewriteRule . index.php [L]
</IfModule>
#END WordPress
#BEGIN Headers
<IfModule mod_headers.c>
#Remove server headers
Header always unset X-Redirect-By
Header always unset X-Powered-By
Header always unset Location
#Set server headers
Header always set X-Content-Type-Options nosniff
Header append Vary "Accept-Encoding, User-Agent"
#Set Cache-Control
<FilesMatch "\.(ico|jpe?g|png|gif|svg|webp|swf|css|mp4)$">
Header set Cache-Control "must-revalidate, public, max-age=31536000"
</FilesMatch>
<FilesMatch "\.(js)$">
Header set Cache-Control "private"
</FilesMatch>
<FilesMatch "\.(php|x?html?|pdf|xlsx?|docx?|pptx?|zipx?)$">
Header set Cache-Control "private, must-revalidate"
</FilesMatch>
#PHP/HTML specific headers
<FilesMatch "\.(php|x?html?)$">
Header always set X-Frame-Options "SAMEORIGIN"
Header always set X-DNS-Prefetch-Control "on"
Header always set Connection "keep-alive"
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
Header always set Referrer-Policy "strict-origin-when-cross-origin"
Header always set X-Clacks-Overhead "GNU Terry Pratchett"
</FilesMatch>
</IfModule>
#END Headers

htaccess redirect from non-www to www with query string

I need to redirect all website URLs without www to the www website.
On some servers that I usually use, I never had an issue using this:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
</IfModule>
On this server, URLs are redirected from non-www to www but they lose the query string.
I tried with curl from the Mac shell and it seems that the 301 loses the query string:
$ curl -I http://mywebsite.com/web/practice/?sbp=12
HTTP/1.1 301 Moved Permanently
Date: Fri, 11 Nov 2016 09:25:30 GMT
Server: Apache
Location: http://www.mywebsite.com/web/practice/
Cache-Control: max-age=0
Expires: Fri, 11 Nov 2016 09:25:30 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=iso-8859-1

apache mod rewrite condition - rule

I would like to grab the url, check if the url contains "#!" and redirect to the same url without the "#!" string? I tried the following - but this is not working?
RewriteCond %{REQUEST_URI} "(.*).html#!$"
RewriteRule "(.*)" $1 [NC,L,R=301]
Try that one:
RewriteCond %{REQUEST_URI} ".*\.html#!$"
RewriteRule "^(.*\.html)#!$" $1 [NC,L,R=301]
Unfortunately, the previous solution was wrong. The server will not process the data after the hash symbol (#):
[27/Oct/2016:10:23:12 +0300] domain.com xx.xx.xx.xx xx.xx.xx.xx 200 0 0.000 HEAD /index.html HTTP/1.1 - curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
$ curl -I 'http://domain.com/index.html#!1asfasgf1ghgh'
HTTP/1.1 200 OK
Server: nginx/1.10.1
Date: Thu, 27 Oct 2016 07:23:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 9977
Connection: keep-alive
Last-Modified: Sat, 23 Jan 2016 14:06:07 GMT
ETag: "a66b6-26f9-52a00d64891c0"
Accept-Ranges: bytes
Vary: Accept-Encoding

Apache settings to send gzipped CSS/JS files to browser

I use precomposed gzipped CSS and JS files, so that the server doesn't do this on the fly.
So in the same folder I have file.css (gzipped version) and file.nogzip.css (non-gzipped version). Then, depending on whether the browser accepts gzipped files or not, I send the proper version.
So I have the following in .htaccess:
RewriteEngine On
RewriteRule ^(.*)\.[0-9]+\.css$ $1.css [L]
#redirect Konqueror and "old browsers"
RewriteCond %{REQUEST_FILENAME} !\.nogzip\.css$
RewriteCond %{HTTP:Accept-encoding} !gzip [OR]
RewriteCond %{HTTP_USER_AGENT} Konqueror
RewriteRule ^(.*)\.css$ $1.nogzip.css [L]
<IfModule mod_headers.c>
Header set Vary User-Agent
#set Content-Encoding for all css files
<FilesMatch .*\.css$>
Header set Content-Encoding: gzip
Header set Cache-control: private
</FilesMatch>
#drop Content-Encoding in case we send not gzipped file
<FilesMatch .*\.nogzip\.css$>
Header unset Content-Encoding
</FilesMatch>
</IfModule>
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault A36000000
</IfModule>
I have used this approach many times before, on both Windows and Linux servers. It always worked fine.
However, recently while developing another site I faced an issue with the browser not recognizing the gzipped file as gzipped.
On localhost it is working; here is the response header:
Accept-Ranges:bytes
Cache-control:private
Connection:Keep-Alive
Content-Encoding:gzip
Content-Length:39115
Content-Type:text/css
Date:Wed, 17 Jun 2015 11:27:28 GMT
ETag:"98cb-517998d9e690c"
Keep-Alive:timeout=5, max=100
Last-Modified:Wed, 03 Jun 2015 09:19:16 GMT
Server:Apache/2.4.12 (Win64) OpenSSL/1.0.1m PHP/5.6.9
Vary:User-Agent
X-Distributed-by:AHC
Here is the header received from the production server (not working - css file displayed as zipped in the browser):
Accept-Ranges:bytes
Cache-control:private
Connection:Keep-Alive
Content-Encoding:gzip
Content-Length:39099
Content-Type:text/css
Date:Wed, 17 Jun 2015 11:30:08 GMT
ETag:"98cb-517998d8fcd00-gzip"
Keep-Alive:timeout=5, max=99
Last-Modified:Wed, 03 Jun 2015 09:19:16 GMT
Server:Apache/2.4.10 (Debian)
Vary:User-Agent
The only difference is "X-Distributed-by:AHC", but this can hardly be the reason for the problem.
Any ideas what else to check?
In case 2, it strongly implies mod_deflate compressed it on the fly due to the etag:
ETag:"98cb-517998d8fcd00-gzip"
Maybe it would be best to set no-gzip for e.g. the konqueror case?
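A way to confirm the double compression suggested in the answer above, as an added Python example that is not part of the original post: it counts the gzip layers in a response body and flags the `-gzip` ETag suffix. The function names and the sample bodies are constructed; only the two ETag values are taken from the question.

```python
import gzip
import zlib

GZIP_MAGIC = b"\x1f\x8b"  # first two bytes of every gzip stream


def gzip_layers(body: bytes, limit: int = 5) -> int:
    """Count how many times body can be gunzipped before plain data appears."""
    layers = 0
    while layers < limit and body[:2] == GZIP_MAGIC:
        try:
            body = gzip.decompress(body)
        except (OSError, EOFError, zlib.error):
            break  # magic bytes by coincidence, or a truncated stream
        layers += 1
    return layers


def diagnose(headers: dict, body: bytes) -> list:
    """Compare what the headers declare with what the body contains."""
    findings = []
    # The answer reads a "-gzip" ETag suffix as a sign of on-the-fly compression.
    if headers.get("ETag", "").strip('"').endswith("-gzip"):
        findings.append("etag-gzip-suffix")
    # One Content-Encoding: gzip header accounts for exactly one layer.
    declared = int("gzip" in headers.get("Content-Encoding", "").lower())
    if gzip_layers(body) > declared:
        findings.append("double-gzip")
    return findings


# Constructed bodies: file.css already holds gzip data on disk.
CSS = b"body { margin: 0; }\n" * 200
ON_DISK = gzip.compress(CSS)           # precompressed file.css
RECOMPRESSED = gzip.compress(ON_DISK)  # same file gzipped again by an output filter

LOCAL = {"Content-Encoding": "gzip", "ETag": '"98cb-517998d9e690c"'}
PRODUCTION = {"Content-Encoding": "gzip", "ETag": '"98cb-517998d8fcd00-gzip"'}

if __name__ == "__main__":
    print("localhost :", diagnose(LOCAL, ON_DISK))
    print("production:", diagnose(PRODUCTION, RECOMPRESSED))
```

A browser removes one gzip layer per `Content-Encoding: gzip` header, so a body with two layers is still compressed after decoding, which matches the symptom described in the question.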