I read at least a dozen of posts about it, and found something like to setup in my site's root folder (which is www/pg-dev). htaccess file:
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^weiadesigner/pg-dev
RewriteRule ^subdir/(.*)$ http://weiadesigner/pg-dev/$1 [L,R=301]
it suppose to (I think), redirect from any attempt to access weiadesigner/pg-dev to http://weiadesigner/pg-dev/$1. However, still nothing happen, I still receive the 404 Not Found issue.
I access the WAMP server through my computer name which is weiadesigner with chrome. /pg-dev is the folder where my site is. I try to tell the Apache to redirect all subdomain access (meaning, if someone access weiadesigner/pg-dev/events in a url bar in a browser) , for example weiadesigner/pg-dev/events, will respond with AngularJS router instead of the 404 Not Found from the Apache server, because I am using the HTML base tag that is setup in the index.php in its with
<base href="/pg-dev/">
<base target="_blank" href="http://weiadesigner/pg-dev/">
I am having a big hard time to find any valid solution on this.
Related
I'm using Liferay 6.2 EE that runs on tomcat but it's fronted by an Apache server. I want to redirect users so that whenever they hit the old liferay URL, it redirects them to the new liferay URL. I changed the URL in liferay, so it is now the new URL. However, whenever I try to go to the old URL, I get a page request error. It never redirects me to the new URL. In /san/apache/conf/ I put my redirect code inside of httpd.conf. This my code:
RewriteEngine On
RewriteRule ^group/old/(.*) /group/new/$1 [L]
After I applied these changes, I restarted the Apache server and it still doesn't work. I've tried a bunch of other combinations as well. Does anyone know what I'm doing wrong? Is there some place else I have to make this change?
Ah, since your rewrite rule is lying in the server config file (instead of htaccess file), the mod-rewrite receives URLs with the leading slashes (/). So, the rule should be:
RewriteEngine On
RewriteRule ^/group/old/(.*) /group/new/$1 [L]
I have disabled the browsing of content by using
Options -Indexes
Now I want to disable directly access of assets(images and videos) by hitting url directly for any project that is present in htdocs folder.
My webserver is Apache Tomcat.
I am accessing the content from a project in apache using a url.
The URL should serve the content in JSP/HTML files deployed in Apache Tomcat. But should be blocked if hacker finds the URL from page source and put the URL in browser.
Thanks in advance.
you have two solutions
1) create a .htacess file and set rules
2) store your protected file somewhere outside the web root folder and acess them using php or any other language.
2nd one is recommended. you can only access your files through server side codes(php,...). Crete a file handling script and check permissions when accessing.
To go with .htaccess file you need to have something like..
Try following:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://(www\.)?localhost [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?localhost.*$ [NC]
RewriteRule \.(gif|jpg)$ - [F]
Returns 403 if you access image directly, but allows them to be displayed on site.
Change localhost to the server/domain name of yours.
NOTE: it is possible that when you open some page with image and than copy that image's path into the address bar you can see that image, it is only because of the browser's cache, in fact that image has not been loaded from the server
I'm using .htaccess for URL redirection as below:
RewriteEngine On
RewriteRule ^x.php$ /y.php
Can the user know some how (even using some advanced tools) that the page was actually served from y.php instead of x.php?
Thanks
On my website, I would rename the URL on address bar, from
domain.com/economy/article.php?id=00
to
domain.com/economy/id-name-article.html
I wrote this .htaccess file:
RewriteEngine On
RewriteRule ^([0-9]+)-([^\.]*)\.html$ http://domain.com/economy/article.php?id=$1 [L]
I have an anchor with this href: href="economy/id-name-article.html" and when I click on it, the server is redirected on article.php, it runs the script in the correct way and I can view the article, but on the address bar is still written domain.com/economy/article.php?id=00 instead domain.com/economy/id-name-article.html. Why?
This happens only on my online server, while locally it's all right.
The mod_rewrite module is issuing a redirect to your browser rather than transparently rewriting the url, causing you to see the new url in your browser.
Try removing the http://domain.com portion from your RewriteRule to see if it avoids the redirect to your browser by changing the rule to:
RewriteRule ^([0-9]+)-([^\.]*)\.html$ /economy/article.php?id=$1 [L]
If that fails, you could also use the proxy flag [P] to force apache to transparently fetch the page and return it to your users without the redirect. I don't recommend this approach since it can have security implications but it should work if the above doesn't.
EDIT: To clarify, rewriting the url with a fully-qualified domain rather than a relative uri tells apache that the redirect is on a different server, and therefore it doesn't know that the new url is accessible on the same host without redirecting the client.
I have a PHP app running on an Apache/RHEL setup. I have the SSL certificate installed and it all checks out okay. I am using the .htaccess file to redirect to 'https://' with this snippet
RewriteCond %{HTTPS} !^on$
RewriteRule (.*) https://example.com/$1 [R,L]
All assets on the site use relative URLs for assets, however some of them are served with 'https://' and some are served with 'http://'.
In Chrome, the stylesheets and javascripts are blocked using a relative URL. If you visit the stylesheet directly (with the https://) it loads just fine and even gives the green company name in the URL bar.
Some of the images return '302 Found' and looking at the request information via the Chrome dev tools I can see the Request Url is 'http://' while further down in the response headers section I see under location 'https://'. It seems to only do this with some images and some it doesn't - I can't find a pattern. If I visit some of the problem images directly they, again, load just fine.
Is that .htaccess redirect interfering with how the assets are served? I've restarted browsers, cleared cache, etc. I'm at a complete loss. I can provide more details about the setup if they are necessary. Thanks in advance.
edit
Just to clarify - this isn't an issue with a single absolute URL in the document giving an insecure content warning. Relative URLs are being accessed by 'http://' despite being a relative URL.