It seems that my web host (1&1) is not reading my .htaccess file.
I tried configuring my .htaccess file to prevent file access via the web browser, specifically all files with the following extensions: .txt, .jpg, .jpeg, .pdf, .xlsx, .xls, .doc, .docx, .eps, .gif, .png.
Here is my .htaccess file:
#DirectoryIndex index.php index.html
#Options +FollowSymLinks
Options -Indexes
# 1und1 needed for php extensionless redirect.
Options -MultiViews
<IfModule mod_rewrite.c>
RewriteEngine On
#RewriteBase /relative/web/path/
RewriteCond %{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(.+)$ /$index.php [L,QSA]
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*) index.php
RewriteCond %{HTTP:Authorization} !^$
RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization}]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain\.ltd [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain\.ltd.*$ [NC]
RewriteRule \.(gif|jpg|js|txt|php|html|css|js)$ /messageforcurious [L]
</IfModule>
<FilesMatch "\.(txt|jpg|jpeg|pdf|xlsx|xls|doc|docx|eps|gif|png)$">
Deny from all
</FilesMatch>
#php_value register_globals 0
How do I achieve what I want? Any tips?
It seems that the .htaccess file is readable by 1&1, but there is an easier way to block access to all files than what you are doing.
If you truly want to block all people from visiting your website - which is what blocking all files will do - you can make your .htaccess into:
Deny from all
Otherwise, you can do this, which will allow only some files to be accessed (in this case, only .html files):
<FilesMatch "\.html$">
Allow from YOUR_IP_ADDRESS
Deny from all
</FilesMatch>
For more reading, I'd look at this 1&1 overview of their .htaccess file
Note: I am entirely unsure of what your index.php redirects are doing above, since it seems that you want them to go to /messageforcurious. I'd remove those index.php redirects since it seems you don't want them.
Related
How do I use the .htaccess file to set a custom DocumentRoot for CSS files? All CSS files are within a folder named "assets", and I'd like to omit the "assets" folder when loading in the CSS files for an HTML page.
This is the current code I am using:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^domain-name.com$ [NC,OR]
RewriteCond %{HTTP_HOST} ^www.domain-name.com$
RewriteCond %{REQUEST_URI} !assets/
RewriteRule (.*) /assets/$1 [L]
This code makes links relative to the assets folder, but it doesn't apply to CSS files for some reason, as I still need to use href="assets/styles.css" in order to load a CSS file from /assets. I'd like to simply use href="styles.css".
I would create only one .htaccess file to solve all your problems. Please put this into your /root folder and delete the other .htaccess files.
# This first part should be done by the webserver,
# if not than thing about to change you hoster but I put it here:
# Preventing direct access to any .ht file (.htaccess, .htpasswd, etc.)
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
Options +FollowSymlinks
Options -Indexes
# Start to Rewrite
RewriteEngine On
# For all URL starting with /css, /fonts, /img or /js
RewriteCond %{REQUEST_URI} ^/?(css|fonts|img|js)(/.*)?$ [NC]
RewriteRule ^.*$ /site/public/%1%2 [L]
# Redirect all to the Application if not done already
RewriteCond %{REQUEST_URI} !^/?site/public/index\.php [NC]
# but not if the URL starts with css, fonts, img or js
RewriteCond %{REQUEST_URI} !^/?(css|fonts|img|js)(/.*)?$ [NC]
# or if request is a real file
RewriteCond %{REQUEST_FILENAME} !-f
# or if request is a real directory but not the root directory
RewriteCond %{REQUEST_URI} ^/?$ [OR]
RewriteCond %{REQUEST_FILENAME} !-d
# Rewrite the rest to the index.php file in your public folder
RewriteRule ^.*$ /site/public/index.php [NC,L]
It worked... I just refreshed my browser cache, and the CSS files was included properly.
So I am using Kohana which is useful if you know it, but not needed to assist me.
I have the following mod_rewrite rules:
# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/store/.*$
# Rewrite all other URLs to index.php/URL
RewriteRule .* index.php [L]
So I am trying to rewrite all requests for files and directories that do not exist to index.php.
However, I want any request sent to mydomain.com/store/* to go through as there is another htaccess file in the store directory that does work there. That does not seem to be working at the moment. Any ideas?
Full htaccess:
# Turn on URL rewriting
RewriteEngine On
# Installation directory
RewriteBase /
#ErrorDocument 404 http://www.mydomain.com/404Page.html
#Options +FollowSymlinks
# Protect hidden files from being viewed
<Files .*>
Order Deny,Allow
Deny From All
</Files>
RewriteCond %{REMOTE_ADDR} !^myip
RewriteCond %{REQUEST_URI} !^/maintenance\.html$
RewriteRule ^(.*)$ http://www.mydomain.com/maintenance.html [R=307,L]
##301 Redirect Rules##
#some 301 redirects i did not include here
##Kohana Redirect Rules##
# Protect application and system files from being viewed
RewriteRule ^(?:application|modules|system|kohana|vendors)\b.* http://www.mydomain.com/ [L]
# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/?store/
# Rewrite all other URLs to index.php/URL
RewriteRule .* index.php [L]
Try this condition:
RewriteCond %{REQUEST_URI} !^/?store/
There is no need to check the characters after the directory. I made the first slash optional if I remeber correctly is the first slash only visible if your server configuration does not contain a tailing slash.
The issue turned out to be in the .htaccess file in the store directory not the one in the webroot. Thanks all, and sorry for my stupidity. IF anyone wants to leave comments on how to debug something of this nature for future users that would be awesome.
Normally I access a page like this: http://localhost/codeigniter/index.php/auth/login
However I want to be able to access to the page like this : http://localhost/codeigniter/auth/login
I have no information about http.conf and .htaccess configurations.
I have set $config['index_page'] = ''; in codeigniter/application/config/config.php
my http.conf file is at its default except uncommentnig "LoadModule rewrite_module modules/mod_rewrite.so"
I inspected many proposed .htaccess files but I could not understand the logic behind the rewriting rules.
Here is the most successful .htaccess content for me. It is located at /www/CodeIgniter/ .
(by the most successful I mean that this is the only one that gives 404 error created by the CodeIgniter not by the server.)
RewriteOptions Inherit
Options -Indexes
Options +FollowSymLinks
RewriteBase /CodeIgniter/
# Set the default file for indexes
DirectoryIndex index.php
<IfModule mod_rewrite.c>
# activate URL rewriting
RewriteEngine on
# do not rewrite links to the documentation, assets and public files
RewriteCond $1 !^(images|assets|uploads|captcha)
# do not rewrite for php files in the document root, robots.txt or the maintenance page
RewriteCond $1 !^([^\..]+\.php|robots\.txt)
# but rewrite everything else
RewriteRule ^(.*)$ index.php/$1 [L]
</IfModule>
<IfModule !mod_rewrite.c>
# If we don't have mod_rewrite installed, all 404's
# can be sent to index.php, and everything works as normal.
ErrorDocument 404 index.php
</IfModule>
I hate requesting direct solutions however unfortunately, it is my last resort :/
Can you give me a right solution to my problem?
It's my repeat answer:
Codeigniter issues with paths in localhost (XAMPP)
please create .htaccess file in project folder and write:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Rewrite all other URLs to index.php/URL
RewriteRule ^(.*)$ index.php?url=$1 [PT,L]
</IfModule>
<IfModule !mod_rewrite.c>
ErrorDocument 404 index.php
</IfModule>
You don't need to define in base_url in config file:
$config['base_url'] = ''; // blank it.
put this on your htaccess
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond $1 !^(index\.php|resources|robots\.txt)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L,QSA]
</IfModule>
make sure the rewrite module is enabled on your server
This is the simplest one i found which works for me :-
RewriteEngine on
RewriteCond $1 !^(index\.php|resources|robots\.txt)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L,QSA]
I'm trying to implement cache busting, as prescribed by: http://html5boilerplate.com/docs/cachebusting/
However when I add the following to the .htaccess file in my media folder:
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)\.(\d+)\.(js|css|png|jpg|gif)$ $1.$3 [L]
</IfModule>
and then I try to access a style sheet at: "/media/css/styles.1234.css", Apache complains with:
Not Found
The requested URL /media/css/styles.1234.css was not found on this server.
I can access styles.css at "/media/css/styles.css" so it's there and it works. I also know that the htaccess file gets processed because we also disallow directories from being browsed in the media folder with "Options -Indexes". Here is the htaccess file in its entirety:
Options -Indexes
AllowOverride All
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)\.(\d+)\.(js|css|png|jpg|gif)$ $1.$3 [L]
</IfModule>
Also mod_rewrite has been confirmed to be loaded with this command: 'a2enmod rewrite'. Not sure what I'm doing wrong...
Here is the solution to my problem... Even though mod_rewrite was loaded, it needed to be set to on. So I just aded "RewriteEngine On"... resulting htaccess file:
Options -Indexes
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)\.(\d+)\.(js|css|png|jpg|gif)$ $1.$3 [L]
</IfModule>
Relative path rewrite, missing RewriteBase: fail!
I had the same error, improperly used Header set X-Frame-Options "DENY". Quick fix might be to temporarily comment this out. Hope that help someone who need effective solution 'for now'.
I'm trying to add a file-ending (.kml) to a url using .htaccess but it's not working
The url is http://resihop.nu/kml
I want it to be http://resihop.nu/kml.kml this is what i tried:
RewriteRule ^kml.kml$ kml
Here is my full .htacess:
# Turn on URL rewriting
RewriteEngine On
# Installation directory
RewriteBase /
# Protect hidden files from being viewed
<Files .*>
Order Deny,Allow
Deny From All
</Files>
# Protect application and system files from being viewed
RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L]
# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Rewrite all other URLs to index.php/URL
RewriteRule .* index.php/$0 [PT]
RewriteRule ^kml\.kml$ kml
You need to tell the server how to handle .kml files. Add this line to your .htaccess:
AddType application/x-httpd-php .kml
(Assumes you want .kml files to be parsed as PHP.)
Edit: Never mind, I just re-read your question and I realise that's not your problem. Just ignore me!
This should work for your case of using your own extension:
Options +FollowSymlinks
RewriteEngine On
RewriteBase /
RewriteRule ^(.+)\.kml$ /$1.php [NC,L]
Then you could access any file with the .kml extension, such as hello.kml.
Hope this helps.