I would like to grab the url, check if the url contains "#!" and redirect to the same url without the "#!" string? I tried the following - but this is not working?
RewriteCond %{REQUEST_URI} "(.*).html#!$"
RewriteRule "(.*)" $1 [NC,L,R=301]
Try that one:
RewriteCond %{REQUEST_URI} ".*\.html#!$"
RewriteRule "^(.*\.html)#!$" $1 [NC,L,R=301]
Unfortunately, the previous solution was wrong. The server will not process the data after the grid symbol:
[27/Oct/2016:10:23:12 +0300] domain.com xx.xx.xx.xx xx.xx.xx.xx 200 0 0.000 HEAD /index.html HTTP/1.1 - curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
$ curl -I 'http://domain.com/index.html#!1asfasgf1ghgh'
HTTP/1.1 200 OK
Server: nginx/1.10.1
Date: Thu, 27 Oct 2016 07:23:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 9977
Connection: keep-alive
Last-Modified: Sat, 23 Jan 2016 14:06:07 GMT
ETag: "a66b6-26f9-52a00d64891c0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Related
i have this .htaccess:
# Rewrite URL
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /
RewriteCond "%{HTTP_HOST}" "!^www.mydomain.com" [NC]
RewriteCond "%{REQUEST_URI}" "!^/myfile.html" [NC]
RewriteRule \.*$ - [F,NC]
</IfModule>
I want DENY access to ALL resources, EXCEPT for:
all resource from HTTP_HOST (es. www.mydomain.com);
specific gived file (es. myfile.html).
The code above not work. As i can solve it?
Thanks
PS: In other words, i want to do something like:
<?php
if (
$_SERVER["REMOTE_ADDR"] !== "www.mydomain.com" ||
$_SERVER["REQUEST_URI"] !== "/myfile.html"
) {
// redirect 403
}
}
?>
Based on your comments I believe you need to check for referrer. You may try this rule:
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_REFERER} !^$
RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'"
RewriteCond %{REQUEST_URI} !/myfile\.html$ [NC]
RewriteRule \. - [F]
Just keep in mind that HTTP_REFERER based blocking is not very strong protection as clients can spoof this header.
Testing curl commands:
curl --referer 'http://example.com/' -IL 'http://yourdomain.com/'
HTTP/1.1 403 Forbidden
Date: Thu, 08 Apr 2021 09:28:17 GMT
Server: Apache/2.4.46 (Unix) OpenSSL/1.1.1j PHP/8.0.3
Strict-Transport-Security: max-age=31536000
Content-Type: text/html; charset=iso-8859-1
curl --referer 'http://yourdomain.com/' -IL 'http://yourdomain.com/'
HTTP/1.1 200 OK
Date: Thu, 08 Apr 2021 09:27:47 GMT
Server: Apache/2.4.46 (Unix) OpenSSL/1.1.1j PHP/8.0.3
Strict-Transport-Security: max-age=31536000
X-Powered-By: PHP/8.0.3
Content-Type: text/html; charset=UTF-8
References:
Apache mod_rewrite Introduction
Apache mod_rewrite Technical Details
Apache mod_rewrite In-Depth Details
.htaccess tips and tricks
I use mod_rewrite to set some cookies and then redirect the user to the target url. As these cookies are used in a third party environment, I have to set the flag SameSite=none.
I tried to edit the Set-Cookie header via mod_headers, but I didn't get it to work.
My Apache config:
<VirtualHost *:80>
ServerName www.example.test
RewriteEngine on
RewriteRule ^/test/(.*)$ /test/$1 [CO=cookie1:1:.example.test:86400:/:true:true]
RewriteRule ^/test/(.*)$ /test/$1 [CO=cookie2:$1:.example.test:86400:/:true:true]
RewriteRule ^/test/(.*)$ http://www.example.test/test2/$1 [R,L]
Header always edit Set-Cookie ^(.*)$ "$1; SameSite=none"
Header always set X-Foo "bar"
Header always edit X-Foo ^(.*)$ "$1; SameSite=none"
</VirtualHost>
My test request:
Connecting to 127.0.0.1:80... connected.
HTTP request sent, awaiting response...
HTTP/1.1 302 Found
Date: Tue, 04 Feb 2020 09:12:23 GMT
Server: Apache/2.4.6 (CentOS) PHP/7.2.27
X-Foo: bar; SameSite=none
Set-Cookie: cookie1=1; path=/; domain=.example.test; expires=Sat, 04-Apr-2020 09:12:23 GMT; secure; HttpOnly
Set-Cookie: cookie2=0815; path=/; domain=.example.test; expires=Sat, 04-Apr-2020 09:12:23 GMT; secure; HttpOnly
Location: http://www.example.test/test2/0815
Content-Length: 218
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Cookie coming from 127.0.0.1 attempted to set domain to 127.0.0.1
Cookie coming from 127.0.0.1 attempted to set domain to 127.0.0.1
Location: http://www.example.test/test2/0815
Why is the X-Foo header edited, but the Set-Cookie headers are not?
I finally got it - you can set the SameSite flag in the RewriteRule:
<VirtualHost *:80>
ServerName www.example.test
RewriteEngine on
RewriteRule ^/test/(.*)$ /test/$1 [CO=cookie1:1;\ SameSite=none:.example.test:86400:/:true:true]
RewriteRule ^/test/(.*)$ /test/$1 [CO=cookie2:$1;\ SameSite=none:.example.test:86400:/:true:true]
RewriteRule ^/test/(.*)$ http://www.example.test/test2/$1 [R,L]
</VirtualHost>
Now I get the following response:
wget --server-response --header "Host: www.example.test" "http://127.0.0.1/test/0815"
--2020-02-05 11:15:15-- http://127.0.0.1/test/0815
Connecting to 127.0.0.1:80... connected.
HTTP request sent, awaiting response...
HTTP/1.1 302 Found
Date: Wed, 05 Feb 2020 10:15:15 GMT
Server: Apache/2.4.6 (CentOS) PHP/7.2.27
Set-Cookie: cookie1=1; SameSite=none; path=/; domain=.example.test; expires=Sun, 05-Apr-2020 10:15:15 GMT; secure; HttpOnly
Set-Cookie: cookie2=0815; SameSite=none; path=/; domain=.example.test; expires=Sun, 05-Apr-2020 10:15:15 GMT; secure; HttpOnly
Location: http://www.example.test/test2/0815
Content-Length: 218
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Cookie coming from 127.0.0.1 attempted to set domain to 127.0.0.1
Cookie coming from 127.0.0.1 attempted to set domain to 127.0.0.1
Location: http://www.example.test/test2/0815 [following]
What I have at this moment.
In httpd-deflate.conf in Location section:
SetEnvIfNoCase Request_URI \
\\.(?:gif|jpe?g|jpg|png|rar|zip|exe|flv|swf|mov|wma|mp3|mp4|avi|mp?g)$ no-gzip dont-vary
In .htaccess:
Options +FollowSymlinks
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index\.php$ [NC]
RewriteRule ^(.+)$ /index.php?_route_=$1 [L,QSA]
With these settings images that are actually on the server are processed as needed - without gzip encoding and without "Content-Encoding: gzip" header in the server response.
But nonexistent images are processed in index.php file.
http://example.com/nonexistent-path/non-existent-image.jpg
The response body:
Cache-Control: max-age=84148768
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 49860
Content-Type: image/jpeg - ((I set it in php manually after image generation before output))
Date: Mon, 01 May 2017 22:04:48 GMT
Expires: Tue, 31 Dec 2019 20:44:16 GMT
Last-Modified: Thu, 17 Nov 2016 14:51:10 GMT
Server: nginx
Strict-Transport-Security: max-age=2592000
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
x-content-type-options nosniff
As you see this nonexistent image was processed as a document, not as a .jpg image.
On the server I have Apache and nginx proxy, as I understand. What should I paste in httpd-deflate.conf or in any other place to remove gzip encoding for nonexistent images and to remove "Content-Encoding: gzip" in the server response?
Thank you.
Use
apache_setenv( 'no-gzip', '1' );
in your PHP script before output.
I need to redirect all website url without www to www website
on some server that i usually use i never got issue using this
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
</IfModule>
on this server url are redirect from not www to www but they lose query string
i try with curl from mac shell and it seems that 301 lose query sting
$ curl -I http://mywebsite.com/web/practice/?sbp=12
HTTP/1.1 301 Moved Permanently
Date: Fri, 11 Nov 2016 09:25:30 GMT
Server: Apache
Location: http://www.mywebsite.com/web/practice/
Cache-Control: max-age=0
Expires: Fri, 11 Nov 2016 09:25:30 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=iso-8859-1
I thought this would be a simple task but either I am worng or am just missing the easy answer!
I need a way for Apache to return a 200 for any page including a 404 page. Is there any easy solution?
This is the current header response:
HTTP/1.1
404 Article not found
Date: Mon, 01 Apr 2013 18:05:38 GMT
Server: Apache P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: 440d08f3c65b7f89402db924f5428cbd=ujg53v71nc68fi5pc36rllnd707; path=/
Set-Cookie: trcusr=%24%24; expires=Tue, 19-Jan-2038 03:14:07 GMT; path=/
Set-Cookie: cltid=103; expires=Tue, 19-Jan-2038 03:14:07 GMT; path=/
Set-Cookie: js_vsid=355; expires=Mon, 01-Apr-2013 22:05:38 GMT; path=/
Content-Type: text/html; charset=utf-8
I would use RewriteEngine to rewrite any URL to a file that doesn't exist to a page that does.
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^.*$ file-that-exists.html
Untested, but that should be close to it.