I have been stuck on this problem for hours and cannot find a suitable solution. I am running an ecommerce CMS from a directory eg. mywebsite.com/store/
/ has an .htaccess file which doesn't seem to change anything in /store/
/store/ has its own .htaccess file which i have been adding changes too
I have been trying to restrict access to the admin panel using the following rule to only 2 IP addresses.
RewriteCond %{REQUEST_URI} !^/store/?(index.php/)?admin123/ [NC]
RewriteCond %{REMOTE_ADDR} !^185.66.7.254$ [OR]
RewriteCond %{REMOTE_ADDR} !^217.41.62.40$
RewriteRule ^(.*)$ http://%{HTTP_HOST}/ [R=302,L]
However the major problem is that this redirects all users going to any URL not containing /admin123/ to /, otherwise it works as expected in restricting admin panel. How do I fix this?
UPDATE 08/02: As of yet I still have not found a workable solution to this issue, at best I can blacklist ISP IPs to the whole /store/ folder using "deny from"
Try to define the base path:
RewriteEngine On
RewriteBase /store/
Related
I'm having trouble writing redirect rules in my website's htaccess file.
Basically, i want to write two rules:
1 - When i write the base URL, like http://www.example.com, i want it to automatically redirect the user to http://www.example.com/someDirectory.
2 - However, when i write http://www.example.com/Admin, i want it to redirect the user to http://www.example.com/Admin.
Here's what i've managed to do so far:
# This allows you to redirect index.html to a specific subfolder
Redirect http://www.example.pt http://www.example.pt/MainFolder
# This allows you to redirect index.html to a specific subfolder
Redirect http://www.example.pt/Admin http://www.example.pt/Admin
However this does not work... Any idea on how to do this?
Try it like this,
When there is no request for specific file or directory it will redirect you to your directory mention in rule and for the rest it will work without any rule.
Please check.
RewriteEngine on
RewriteCond %{REQUEST_URI} ^$
RewriteRule ^ %{HTTP_HOST}/someDirectory [R,L]
After a long research i was able to find a solution to my problem. I'll leave it here, in case anyone's having the same problem:
#Rewrite everything to subfolder
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/MainFolder
RewriteCond %{REQUEST_URI} !^/Admin
Rewriterule ^(.*)$ MainFolder/$1 [L]
Recently I have encounter a strange issue , my website www.xyz.com is being pointed by some one on the web domain let suppose www.abc.com.
Though the whole website is on www.xyz.com but the other domain display every single content and directory path structure by their domain...e.g. the real path is www.xyz.com/somepage/id/etc can be work by www.abc.com/somepage/id/etc with same directory paths....
This other website is just redirecting everything to my website and I want to stop this domain to use my directory structure. This www.abc.com is also being crawled by Google crawler and added its link in Google search engine.
This is a very new issue to me I have one solution to restrict every single request and check if its from my own website or not.
Second solution is to restrict them through htaccess but I don't find perfect solution using htaccess.
I saw on the web it stop all the referrer, but doing that I am afraid if it will stop users coming from other website to my website ...I just need to restrict other domains to use my whole website as theirs using redirection...i have taken this issue on go daddy and they said they also don't know why the other website is pointing to my ip address ... so clueless I need expert advice to secure my website from future issues like this ...kindly advice...
My htaccess is
Options +FollowSymLinks
IndexIgnore */*
RewriteEngine on
# if a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# otherwise forward it to index.php
RewriteRule . index.php
and i am using YII...
You can place this rule just below RewriteEngine On line:
RewriteEngine On
RewriteCond %{REMOTE_HOST} abc\.com$ [NC,OR]
RewriteCond %{HTTP_REFERER} abc\.com$ [NC,OR]
RewriteCond %{HTTP_HOST} !xyz\.(com|net)$ [NC]
RewriteRule ^ - [F]
In your .htaccess file:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.xyz\.com$
RewriteCond %{HTTP_HOST} !^subdomain\.xyz\.com$
RewriteRule .* - [F]
I know similar questions have come up, though often without a working answer. I'm hoping to have better luck!
I have an .htaccess file in my root directory adding "www" to everything:
RewriteEngine on
RewriteCond %{SERVER_NAME} ^mysite.org
RewriteRule ^(.*)$ http://www.mysite.org/$1 [R=permanent,L]
This generally works fine. I have a subfolder (/myquiz/) in which the old index.html file has been replaced with index.php. I know there are external links to /myquiz/index.html, so I want to make sure those redirect. Leaving index.html in place and trying to redirect from that led to some odd behavior, but adding an .htaccess in that directory works for that:
RewriteEngine On
RewriteBase /
RewriteRule ^index\.html?$ /myquiz/index\.php [NC,R]
Trying to load index.html redirects to index.php as hoped for, and the WWW gets added if needed. But requesting mysite.org/myquiz/index.php directly does not add the WWW.
I tried adding "RewriteEngine inherit", but that resulted in calls getting redirected to my root folder instead. A great trick if I want to make a subfolder inaccessible, but not helping here. I also tried just adding the code from my root .htaccess into the beginning of my subfolder's .htaccess, but that worked no better.
Any ideas?
You shouldn't need to add another htaccess file in the myquiz folder. This should work in the htaccess file in the root of the site. Remove the htaccess file in myquiz and try this.
RewriteEngine On
RewriteCond %{HTTP_HOST} ^mysite\.org
RewriteRule ^(.*)$ http://www.mysite.org/$1 [R=301,L]
RewriteRule ^myquiz/index\.html$ /myquiz/index.php [R=301,L]
Also I wouldn't use %{SERVER_NAME} unless your are sure the name is set properly in the config file. Then it can be more reliable than HTTP_HOST, otherwise I would instead use %{HTTP_HOST}.
I think inherit would work if you add an L flag to the rule that you have in your myquiz folder:
RewriteRule ^index\.html?$ /myquiz/index\.php [NC,R,L]
So that it redirects first, then the inherited rule (the www) gets applied after.
You could also just put both rules in the same file:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^mysite.org$ [NC]
RewriteRule ^(.*)$ http://www.mysite.org/$1 [R=permanent,L]
RewriteRule ^myquiz/index\.html$ http://www.mysite.org/myquiz/index.php [R=permanent,L]
I'm trying to manipulate the .htaccess file on my blogs server to allow certain content to be redirected while allowing others to be accessed.
What I would like to do, is allow any file with the extension of (gif|jpg|css|js|ico|png) to be accessed along with a directory /includes/ and a file sitemap.html while all other traffic I would like to send to the sitemap.html file.
Is this possible?
Here's the code that I'm trying to use but it doesn't appear to be working as ecpected. The redirect matched the file extensions and allows the sitemap.html file to be accessed but the /includes/ directory that I want to be allowed access to froma user perspective regardless of what files are in the actual directory still appears to be redirecting to the sitemap.html file.
RewriteEngine On
RewriteCond %{REQUEST_URI} !(\.(gif|jpg|css|js|ico|png)$|^/includes$|^/sitemap\.html$)
RewriteRule ^(.*)$ /sitemap.html [R=301,L]
Any help would be greatly appreciated.
Try this:
RewriteCond %{REQUEST_URI} !\.(gif|jpg|css|js|ico|png)$ [NC]
RewriteCond %{REQUEST_URI} !^/(sitemap\.html|includes(/.*|))$ [NC]
RewriteRule ^ /sitemap.html [R=301,L]
Sure both RewriteCond lines can be combined into 1 but I would suggest keeping it 2 separate as this is easier to read and easy to maintain in case you want to add new extensions or new directories for exclusion in future.
How to get file directory trough .htaccess by using RewriteRule ^(.*)$ ?id=$1 [L,QSA]?
If .htaccess is located in http://localhost/some/dir/.htaccess and I'm opening http://localhost/some/dir/here/I/use/RewriteRule/, how I detect value /some/dir/ without using RewriteBase and without manual adding %{DOCUMENT_ROOT}/some/dir/, like value localhost I get trough %{HTTP_HOST}?
If you do not use RewriteBase you need to tell mod-rewrite the real Directory Root /var/ww/mysite/some/dir in the rewrite rule. RewriteBase would take the location url and map it to the directory.
So you'll maybe end up with
RewriteRule /var/ww/mysite/some/dir/(.*)$ ?id=$1 [L,QSA]
And trying to map some internal variables it may be
RewriteRule %{DOCUMENT_ROOT}/some/dir/(.*)$ ?id=$1 [L,QSA]
But I'm unsure, I rarely use mod_rewrite in .htaccess -- I prefer Directory tags, and the file path management can be different in .htaccess (auto removal and adding of directory prefixes). If you do not find a solution try to ask Servfault, plenty of admins other there.
Actualy Apache still does not have pathinfo($,PATHINFO_DIRNAME), function like has PHP.
So on now there are solution on using %{REQUEST_URI}, like this example:
RewriteRule ^(.+)/$ /path-dirname/$1 [R=301,L]
may reset with:
RewriteCond %{REQUEST_URI} ^(.+)/$
RewriteRule ^.+/$ %1 [R=301,L]